Archives January 2009

New version of Twitter Phishing Scam with access-logins

Excellent! One of my self-infected accounts I created to track this Phishing scam has hit paydirt!

Here is what the tweet will look like:

Hey, i found a website with your pic on it... LOL check it out here

It brings you to the same type of site, again no malware or spyware executing by visiting there.

By now the site should be in your anti-phishing dialog (Chrome and Firefox caught it, I had to bypsas that to get to the site)

You do have to watch out because the method of distribution of this attack appears to be very SLOW to hit, I’ll see tweets come 2-3 or 15-20 minutes a part from the same account, so be wary of the tweets we’re in for a long night of this infection continuing to spread!

If you have been infected – Change your password, and make sure you haven’t stopped following people.   That’s all I can say for now.  Reference these links for more details on this Phishing Scam on Twitter

Twitter Phishing Scam with Blogspot – Post Mortem

Phishing Scams finally hit Twitter!

Gone Phishing

Who is Craig Martin (A funny blog post about You!)

Alright, in honor of the great successes brought about by Jason Mitchener’s question before, a few more funny blog posts! (It may not be funny, it may simply be ironic what this Worm has done ;))

So on to our question of – Who is Craig Martin?

Full-time traveller; lover of coffee and wine; editor of websites 

Which is a pretty good question, he appears to be a traveler and a Kiwi – I love Kiwi’s, especially with Strawberry!  

Well, for one thing by the look of his website he’s a pretty busy guy out wining and dining err wining.

He’s an editor of websites, so I’d suggest checking out his (various) sites, because from his main site alone, wow! Looks good to me! Very structured especially inlight of others trying to do similar and only inducing chaos.   I also think it’s cute how he says “zed” in his little video, not to mention that he has a whole introduction and video going on – while sitting in a beautiful garden!

He’s a traveler, adventurer, Ninja.  Okay, maybe he’s not a traveler, but he is a hardcore ninja, the likes of which you could only counteract with Pirates.

So, be sure to follow @craig_martin and check him out, he’s great and apparently with his following of 666 followers he’s in lieu with the devil so help break him from that habit! ;)

Oh, and he’s very friendly so check him out! :)

Twitter Phishing Scam with Blogspot – Post Mortem

What are our lessons learned so far from this little Twitter Phishing Scam?

First of all, this involved infecting a single or single groups of people.

Distribution consisted of Infect a person by sending them to a site to capture their credentials.   Once those usernames and passwords were collected, they would then use those compromised credentials to send this same message (via DM) to their followers, and continue the spread.

If Joe has 10 followers and DM’s it to those 10, and those 10 have 10 followers and DM it to the next 10, shortly you’d have thousands who are redistributing this – So long as they’ve visited the site and entered their credentials to be captured.

I see a lot of anger “I’m going to get person ‘x’ who sent me this message!”

It’s not the fault of the sender, not entirely.   They were compromised by a phishing scam, it happens, you should work towards educating them instead of castrating them.  So next time it will be part of their sense to not transmit their username/password to an untrusted site.

How could this terrible thing have happened? Now I hate (BlogSpot, Twitter, Followers)

Don’t hate the player, just be glad that it WAS done this way (a semi-safe site with only a small portion of cookies which get added to your browser)   Here is what could have happened if it were introduced in an effective ‘distribution manner’.

You visit the site, you are prompted for credentials.  Perhaps you’re prompted for credentials, though the better payload would be in the form of Malware, Spyware, Phishing-ware, Password capturers, and a number of other infection mechanisms.

Once this would be done, you’d be able to compromised on a number of fronts and able to distribute this to millions instead of just the few followers you have – Infecting Facebook, your banking account, etc so on and so forth.

What can I do about this in the future?

The universal rule of communication, especially unsolicited is ask yourself a few questions.   Would you visit this link if you were having a conversation with the person? Having established rapport with them while talking? Yes likely.

However the tip here is – Random “auto-dm’s” does not guarantee a reason to visit their link.  Yes a lot of people DO send out auto-DM’s, to the bane of all of us (SocialToo/ChrisBrogan– Thanks for helping limit that exposure!)  However, don’t bane all communication in the future.   If you think someone seriously DID write a funny blogpost about you because the person knows you, definitely do check it out! But in all seriousness, if you’ve not had some kind of established communication with this person to justify it, and let alone it brings you to not a funny blogpost, but to a fake twitter login page – Be sure to question it and use your common sense here.

Oh, and be wary of ever entering your credentials – again unless you explicitly trust the source.

Hopefully this Post-Mortem helps you deal with this situation, I’m still waiting for my self-infected account to start tweeting out to me (Controlled infection) For every problem there will be people looking to exploit it, and others trying to solve and contain it.   I’ll be there trying to find new solutions and rid the world of future exposure as well :)

Good luck, and feel free to follow me if you like :) @cxi

Who is Jason Mitchener? (A funny blog post about You!)

Christian author, artist, songwriter, speaker, and aspiring screenwriter. Physically disabled but mentally thriving.

 

In light of the recent Twitter Phishing Scam Jason asked this very poignant question:

Big question is do people truly believe someone would write a funny blog about them?

Well Jason, the honest to god truth is.  Yes, some of us indeed will, especially because YOU asked that question!

So, who is Jason Mitchener? That’s a good question, by his Profile it looks like he’s a Christian Author, Artist, Songwriter, Speaker, Aspiring Screenwriter – Physically disabled but Mentally thriving.   First of all, let me just say.  Wow.

That is quite a laundry list of not only accomplishments but aspirations and developments for any living person.

I visited Jason’s website JasonMitchener.com to find out more about him and to tell you the truth he sounds like a great person!   (Not to mention having a really decent webpage and layout!)

Jason is Confined to an electric wheelchair with a rare form of neuromuscular disease, using a ventilator to breathe.

His body may be confined, but his spirit soars free.

 

 

At this point, I want each of you to think for one moment, if you were in a similar position or situation would you have the same level of accomplishments?  Now put that to the side and ask yourself, what more you can do with the opportunity which is around you every day.

Jason is a perfect example of – It doesn’t matter what cards you’re dealt, it is how you play them, and by the looks of it Jason has a full house.

Jason you’re an honor and an inspiration to anyone who you might come across in all of the avenues you look to pursue and I’m glad that Twitter is graced with the opportunity for your poignant questions about who’d write a funny blog about them (Even if this isn’t funny, but rather insightful! :))

Thanks Jason and welcome to the tweetosphere!

Phishing Scams finally hit Twitter!

Ever been Phished on Twitter? Get ready to.

You might receive a message similar to this:

hey! check out this funny blog about you... http://jannawalitax.blogspot.com/

Going to this page causes a redirect to this lovely site: http://twitter.access-logins.com/login/

image

Wow, that looks like the Twitter login page, however it isn’t Twitter.

Don’t enter your credentials, for you begin to enter into the world of being Phished!

Simply clicking on each of their links results in a broken page as well (That’s not very good phishing!)

Not Found

The requested URL /about was not found on this server.

Even their SignUp link is broken!

Once you enter your credentials you’re passed on to the Twitter.com mainsite and are able to see the basic information you’d see as if you were logging in to twitter.

I created a test account specifically to bring you that information :)

So, beware, and be sure not to visit this site and enter your credentials.

This is REAL Phishing in motion!

FYI: When this operates correctly, it appears to operate in an almost “Worm-like” fashion by infecting one person and then sending the payload “Auto-DM” to everyone that is following the person, so on and so forth while it spreads itself through the interwebs.

I’m still trying to self-infect a test account in order to see it in action, but so far on luck!