Why you should beware of trending Twitter hashtags

Security

by Jimmy Nicholls| 21 July 2014

Hackers and spammers target the MH17 hashtag.

Criminals are exploiting a Twitter hashtag linked to the Malaysian Airlines crash in Ukraine to distribute a variant of the Zeus trojan, according to security firm Trend Micro.

Messages posted in Indonesian with the hashtag #MH17 link unsuspecting users to legitimate blogs and malicious domains, with spammers and hackers looking to boost traffic and infect machines.

Trend Micro said: "In the past we've seen several scams and threats that leveraged news of typhoon Haiyan, the Boston marathon, and 2011 tsunami/earthquake in Japan among others.

"We expect that as soon as more details of the MH17 crash unfolds, cybercriminals will launch other attacks that may possibly lead to personal information theft and system infection."

Two American IP addresses linked to multiple domains are being used in the attacks, which hope to capitalise on commonly searched terms on the social network and buzz around particular topics.

Shortened URLS are used to disguise the destination of the links, being common on Twitter due to the 140 character limit.

News of the crash broke on the social network when the airline announced that it had lost contact with one of its flights, in a message that was retweeted more than 74,000 times.

It read: "Malaysia Airlines has lost contact of MH17 from Amsterdam. The last known position was over Ukrainian airspace. More details to follow."

As the episode unfolded the airline continued to release updates on its Twitter feed, further stoking activity on the social network.

Comments
Post a comment

Comments may be moderated for spam, obscenities or defamation.

Join our network

754 people like this.
0 people follow this.

Security Intelligence

Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.