Compromised Facebook, Twitter accounts used to send ‘free iPad’ spam

Facebook and Twitter users are complaining about their accounts being compromised and then being used to spam friends with suspicious “free iPad offers.”

Twitter warned users of the scam on Wednesday, saying that it was resetting the passwords of affected users. “If you’ve received a message promising you a new iPad, not only is there no iPad, but also your friends have been hacked,” Twitter said.

The scam is also hitting Facebook users, according to company spokesman Simon Axten. “It’s affecting an extremely small percentage of people on Facebook, but we take all threats seriously,” he said via e-mail.

Gerome Stevens discovered late Wednesday that his Twitter account had been used to direct-message his contacts. He’s not sure how the scammers got into his account, but they sent direct messages to his friends that said, “u have to check out this Web site its glitchin right now and sending out ipads to everyone for free!”

He said the messages continued, even after he’d changed his password.

The messages his friends received contained a link to better-gifts.net. That Web site asks for personal information, and then directs the user to a variety of promotional offers from legitimate companies such as Netflix, the Doubleday Book Club, and Columbia House DVD.

Online marketing programs pay cash for Web traffic, and hackers have found that by phishing victims and then using the stolen credentials to break into legitimate Twitter and Facebook accounts, they can earn money from the traffic those accounts send.

This type of spam is particularly effective, because the messages appear to come from a trusted source.

The “free iPad scam” is the latest in a spate of attacks propagated through compromised accounts on social networking sites.

An adware-distribution scheme on Facebook uncovered a couple of years ago by researchers at security gateway vendor Fortinet was considered the first major attack propagated on the popular online portal.

Disguised as a legitimate “Secret Crush” request on the site — designed to inform Facebook users about other members who find them attractive — the application instead attempted to secretly install an adware program made by Zango after it was successfully downloaded.

The Secret Crush program also attempted to lure people who download the file to pass it along to other Facebook members they knew, according to Fortinet.

At the time, as many as 3 per cent of Facebook’s registered users had downloaded the adware-bearing program, the security firm’s research revealed.

At the time, Fortinet experts said that the threat should be viewed by Facebook operators and users as a portent of more dangerous attacks to come.

The attack illustrated how malware distributors prey on trusted relationships among users of social networks.

MySpace, another wildly popular social networking site, was also subverted on multiple occasions by malware attackers.

“The main thing people haven’t realized is that in the current threat landscape, where all the threats are monetized, traffic equals money in the eyes of the attackers, and you can find more traffic than ever at these social networking sites,” said Guillaume Lovet, a regional manager of Fortinet’s Threat Response Team.

Lovet said that because Facebook and MySpace users tend to trust content coming from members they are already familiar with, the social networking sites, when compromised, represent an ideal opportunity for malware distributors seeking a new environment to carry out their scams.

“At its core, Facebook is an incredible online marketing tool; people are on there openly providing their names, birthdays and a wealth of other information about their religious and political views, or their favorite books and movies,” Lovet said.

“If attackers have access to all that data, they can use it to craft attacks and use popular demographics they discover to create additional threats that tap into any of those themes.”
