Incident Response, Malware, TDR

Twitter accounts spamming links to Android trojan Opfake

Researchers at Symantec have detected a spam campaign on Twitter that spreads an Android trojan called Opfake.

Tweets from compromised accounts are written in Russian and include malicious links that lead to sites hosting mobile malware.

According to Thursday blog post by Joji Hamada, a Symantec researcher, the firm spotted an influx of compromised Twitter accounts spamming the messages around early July. He wrote that “hundreds of tweets” may have already been sent globally and that Twitter is working to address the threat.

Malicious links lead victims to websites where they believe they'll be downloading free apps. Instead, the install is Opfake, which sends SMS messages from their Android phone to premium-rate numbers.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.