Compromised Twitter accounts spammed up to eight messages per second with links redirecting users to the infamous BlackHole exploit kit. The rogue tweet contained messages such as 'online virus check, 'proven anti-virus', 'excellent anti-virus' and links to websites with .TK and .TW.SU domain names. The BlackHole exploit kit is a vicious exploit, so much so that the fraudsters are using a high variation of links, messages and hijacked accounts to run the spamming campaign. Twitter's URL filtering system was unable to block the malicious tweets. Kaspersky reported 540 compromised accounts had sent out 4,148 tweets, linking to 44 unique domains.
View all comments