Fake Tweets Directing Users to Weight Loss Spam and Malicious Installs

0

A large number of comprised accounts on Twitter have been tweeting malicious links redirecting to fake diet website spam, and gathering fake installs.

The most recent attack on Twitter appears to be a large scale weight loss scam. A recent cyber attack was launched targeting high profile Twitter accounts. Accounts reached Verisign, VMWareFusion, amongst others.

Researchers at Malwarebytes labs reported a large number of spam directed from a fake CNN account. The fake CNN account gathering over four thousand followers appears to be complete bogus.

Fake CNN Twitter Scam, Freedom Hacker

Picture credit blog.malwarebytes.org.

The fake account named, “CNN_HotIine” gathered a small following fast. The profile reads “Breaking News” and approaches the “CNN Hotline”. The actual URL is spelling with and capital I, instead of an L.

Cyber criminals, and scammers often impersonate companies to fool potential victims. The CNN look-a-like account had since had the spammy links removed, but still claimed to be a CNN associated account. Twitter has since ban the fake account as of April 19/20th.

The shortened goo.gl links lead to a diet facts website. The initial page load does not contain any malicious content. To get a “free trial” of the alleged dietary product, directs to a malicious install page. Accessing the free trial page loads up an iLivid installer prompt.

Twitter Scam ilivid malicious installer, Freedom Hacker

Picture credit to http://blog.malwarebytes.org.

Through a scan at VirusTotal, Malwarebytes and other firms label the tool as malicious, and brand the tool as PUP.Optional.Bandoo.

The popular weight loss and dietary scams have recently started to take over Twitter. On April 19-20th various high profile verified Twitter accounts were comprised, and tweeting the same spam. Verisign, VMWareFusion and others had their Twitter account comprised.

As always be careful clicking on masked links, and installing unknown programs into browsers. Looking up the various statements on Twitter linking to the weight loss spam, a trove of accounts are comprised. A few of the malicious Tweets read “Doctor oz was absolutely right about this! >malicious link<”, “I’m down almost 13 pounds this month, woohoo! >malicious link<”, and “Oprah, Dr Oz, and CNN all backing the new Coffee Bean weight loss craze…Find out WHY! –>malicious link<—“.

About Author

Brandon Stosh is the founder and CEO of www.freedomhacker.net. Stosh is a cyber security researcher and professional consultant who strives to provide reliable news on cyber-security based topics.

Leave A Reply

Send this to friend