Compromised Accounts Tweeting Links to Malware

It is not uncommon to see social media accounts, specifically Twitter accounts, directing users to malicious sites such as the ones hosting Android.Opfake, an issue we blogged about last year. Recently, we discovered that the accounts of innocent users were being compromised to tweet these types of malicious links to their followers.

The series of compromised accounts appears to have started around the beginning of July and has affected users globally. A broad range of accounts have been compromised for weeks and many users have yet to notice that their accounts are sending out malicious tweets, even though hundreds of tweets may have already been sent.

SOURCE: symantec.com