Twitter Direct Message Cybercrime Campaign?

You should avoid clicking on links in direct messages that you receive on Twitter today. “what on earth do you think you are doing in our video clip?” – is the current direct message.

Twitter Direct Message

Twitter direct message (if Facebook link is clicked) redirects to a Facebook app that redirects to hXXp://193.107.19.145/rem.php? [hosted on Victoria, Mahe, Seychelles Ideal Solution Ltd, inetnum: 193.107.16.0 – 193.107.19.255].

Spamhaus (SBL) initially listed IP:193.107.19.150 as a DDoS botnet controller on March 5, 2012 and IP:193.107.16.194 as a money mule database used by ZeuS/SpyEye botnet masters on May 25, 2011.

VirusTotal is reporting this as a clean site (though still unrated by Sophos and Websense).

__________________________________________________________________________

Leave a reply