Twitter Trending Topics Used to Tweet Malware

First it was spammy viral marketers and childish pranks. Now Twitter has reached the same level of insecurity as everywhere else on the web, as scammers have begun to tweet out malware-ridden links. While this isn’t YATW, these malware makers are hijacking trending topics to push their poison into the wild.

Mashable reports on how scammers have begun to spread links to sites “Twitterbest” and “Zasaden” on the .mp domain. Both host the commonly seen Flash codec trojan, which prompts the user to allow installation of what is supposedly an update to Adobe Flash Player but is in actuality a rogue anti-virus utility, this one going by the name of “Fast Anti-Virus 2009.” The name may sound familiar to technicians on the front lines of virus removal, as it has been used by rogue anti-virus programs dating back to at least May.

Avoiding the bad domains is only half of the battle though, because the vast majority of URLs posted on Twitter go through URL shortening services. Without 3rd party tools, there’s no way to tell where these links terminate before clicking them, and the trust instilled in most people by social media provides a sufficiently wide opening through which to ram a trojan exploit.

The upside is that since Twitter is apparently already censoring trending topics, we might be one step closer to finally getting rid of them altogether.



About the Author

Ryan Meray operates C! Tech Solutions, a computer repair company serving northern Metro Detroit, Michigan. He also serves on the Board of Directors of his local Chamber of Commerce. Ryan hopes he doesn't have to spend the next 30 years removing Vundo infections, and he Tweets occasionally.

Comments (3)

  • Julien says:

    “there’s no way to tell where these links terminate before clicking them”

    You can use a secured URL shortener such as Safe.mn (http://safe.mn/). Safe.mn does extensive security tests on all links, and displays a warning instead of a redirection if the link is potentially harmful: XSS, malware, virus, dangerous ActiveX, spam, adult content, phishing attack, etc.

  • Teknyka says:

    The “LongURL Mobile Expander” for Firefox shows you the full name of where a short URL goes just by hovering your mouse over it.

  • Mike says:

    Great tips on how to see where the short URL will take you. I have set up both: LongURL and bookmarked Safe.mn

    Thanks Loads