News ArchiveSocial Media

Twitter worm hits, redirects to fake anti-virus

Kaspersky Lab malware researcher Nicolas Brulez said the original “” links in the Twitter messages are redirecting users to different domains with a “m28sx.html” page.  That page then redirects to a static domain with a Ukrainian top level address.

As if it was not enough, this domain redirects the user to another IP address which has been linked in the past to fake anti-virus distributions.  ”This IP address will then do the final redirection job, which leads to the actual Fake AV site,” Brulez explained.

Once a user’s browser session is redirected to the malicious site, a warning message claims the computer is running suspicious applications and the user is encouraged to run a scan.  As usual, the result is that the machine is infected with malicious threats and the scam is to trick the user into downloading a fake disinfection tool.


PC Tech

Posts on this account are made by various editors.
Back to top button

Adblock Detected

Please disable your adblocker to continue accessing this site.