Twitter malware is stealing banking credentials. The Malware launches a Man-in the Browser (MitB) Attack through the browser of infected PCs, gaining access to the victim's Twitter account to malicious tweets & sends them through a compromised account of a trusted person or organization being followed.
At this time the attack is targeting the dutch market. The malware is spreading via the online social networking service, used as a financial malware to gain access to user credentials & target their financial transactions.
The attack is carried out by injecting Javascript code into the victim's Twitter account page. The malware collects the user's authentication token, which enables it to make authorized calls to Twitter's APIs, & then posts new, malicious tweets on behalf of the victim.
No comments:
Post a Comment