I've been hanging around Download Squad HQ enough to know that our readers love hearing about Twitter ad nauseam, and that none of those readers fear being RickRolled or ever click on links originating from profiles they wouldn't trust. But just in case you should happen upon this post from an outside source, and you aren't a regular DLS reader (gasp), there's something you need to know.The BBC reported today that the first Twitter-specific attack has been discovered by the fine folks at Kaspersky. The fake profile uses the name "Pretty Rabbit" in Portuguese -- and it's frustrating me to all ends that I can't seem to find a reference or semi-accurate translation of what that user name might actually be -- and claims that clicking the tweeted link will take the viewer to YouTube for some adult video action.
But because there is so much wrong in this world, errant clickers don't get to see the adult video -- at least, not without paying the price. Instead, a fake version of Flash is downloaded, which has the hidden skill of harvesting all sorts of data and transforming your beloved Twittering machine into a zombie node, allowing bad men, women and rabbits to wreak criminal havoc all over the web.
Similar worms have been discovered on MySpace and Facebook, so please, choose your friends wisely.
The offending malicious applications only affect Windows-based systems. No word on whether the faux-Flash works with Linux or Mac, so while those users (who are over 18, of course) are safe from the malware, they will probably not get to see the exciting video Pretty Rabbit in Portuguese was referring to.
UPDATE: On behalf of everyone at DLS, I'd like to give a big thanks to Ed Mercer for the heads up that though the Portuguese username literally translates "Pretty Rabbit," the word "coelhinha" is often associated with Playboy Playmates/Bunnies. "Pretty Playmate" may be a more accurate translation in this case.
