Unfollowed Me rogue application spreads virally on Twitter

Filed Under: Social networks, Spam, Twitter

Once again Twitter users are finding themselves hit by a fast-infecting attack, more commonly encountered by their Facebook-using cousins: a rogue application spreading virally across the network.

Thousands of Twitter users have fallen into the trap of allowing rogue third-party applications access their Twitter accounts, believing that it would tell them how many people have unfollowed them.

42 people have unfollowed me, find out how many have unfollowed you

A typical message reads:

58 people have unfollowed me, find out how many have unfollowed you: [LINK] #rw2011 #duringsexplease #youneedanasswhoopin

See the hashtags? They appear to be currently trending phrases on Twitter - presumably the rogue applications are using them in the messages they spam out in an attempt to trick more users into clicking on the links.

If you do click on the link you are asked to give authorisation for a third-party application to access your Twitter account.

Rogue application on Twitter

Don't, whatever you do, press the "Allow" button. If you do, then a third party is now capable of tweeting messages in your name to all of your Twitter followers - which spreads the scam virally across Twitter and may result in one of your online friends also having their account compromised.

So, how do the scammers make money? That's the next piece of the jigsaw.

You're anxious to find out who has unfollowed you on Twitter. The scammers take advantage of that by presenting a webpage which looks as if it's about to reveal that information - but is actually designed to make you take an online survey instead.

Rogue application survey scam

The scammers make money for each survey that is completed.

If you were unfortunate enough to grant one of these rogue applications access to your Twitter account, revoke its rights immediately by going to the Twitter website and visiting Settings/Connections and revoking the offending app's rights.

Revoke rogue app rights

(Note that the scammers are using a variety of different applications - so you may see a different name from the one I picture above).

Don't make it easy for scammers to make money in this way, and always exercise caution about which third party apps you allow to connect with your social networking accounts.

If you're on Twitter and want to learn more about threats, be sure to follow Naked Security's team of writers.

, , , ,

You might like

4 Responses to Unfollowed Me rogue application spreads virally on Twitter

  1. urs · 1225 days ago

    Today this trick spreads via facebook in a german version:

    "wtf Du erscheinst als meist auftrender Profilbesucher. hier kanst Du Deine meist auftrende Profilbesucher finden"

  2. Evan Kaufman · 1225 days ago

    This seems like the sort of situation where Twitter should be able to simply kill the malicious webapp's access to their API. They clearly have no problem hitting the kill switch for client apps...

  3. Thu Win · 1224 days ago

    It seems that people in Facebook has been more informed of these scams so the scammers have switched platforms

  4. One of the television stations here in New York City mentioned this article during their newscast! :) I wanted to read more about it. I used the word "twitter" and found this article. I can't believe that was so easy! I love all the blog posts you guys post. All your blog posts do aware me of the latest rogue apps in Twitter and Facebook. In addition, I love your antivirus for mac. Thank you so much, Sophos!!! :D

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.