New malware threat targets Twitter users

A new spammed malware attack is impersonating messages from micro-blogging site Twitter.

Researchers at Symantec say that the attack attempts to pose as an invitation for the target to join the Twitter site with the message 'your friend has invited you to Twitter.'

The message also contains images from the Twitter logo and front pages.

Rather than send the user to Twitter by way of a URL, however, the message asks the user to open an attachment under the name 'InvitationCard.zip.'

Upon launching the attached file, the user is infected with a malicious worm that attempts to send out mass e-mail messages.

Users are advised not to open the invitation attachments or any other unsolicited or suspicious email attachments.

"As Twitter continues to gain popularity among social networking users, people are regularly receiving invitations and email updates from fellow users, " wrote Symantec researcher Sammy Chu in a blog posting.

"We expect that spammers will continue to use Twitter and other popular social networks as bait in their attacks."

The practice of disguising malware as email attachments and greeting cards is not new. Attacks such as the infamous Storm worm were routinely spread under the guise of greeting card attachments.

Attacks targeting Twitter have also become more common in recent months as the site has seen its popularity soar. Attacks have ranged from account-stealing hacking attempts to cross-site scripting attacks and malware distribution attacks.