Twitter DMs from your friends can lead to Facebook video malware attack

Have you received a Twitter message from an online friend, suggesting you have been captured in a Facebook video?

A number of Naked Security readers have been in touch in recent days regarding a variety of direct messages that have been spammed out from compromised Twitter accounts.

The aim of the messages? To trick the unwary into clicking on a link.. and ultimately infect computers.

In this example, the program you are being invited to download is called FlashPlayerV10.1.57.108.exe, and is detected by Sophos anti-virus products as Troj/Mdrop-EML, a backdoor Trojan that can also copy itself to accessible drives and network shares.

Quite how users' Twitter accounts became compromised to send the malicious DMs in the first place isn't currently clear, but the attack underlines the importance of not automatically clicking on a link just because it appeared to be sent to you by a trusted friend.

Read all [link to nakedsecurity.sophos.com]