Everywhere a tweet, tweet

I’ve been noticing a lot of spam on Twitter recently, especially tweets touting the latest and greatest malware, er I mean “PC cleaners”. How are all these tweets being generated in such a short period of time? The answer - a Twitter bot.

We got a hold of one of these bots recently and it looks relatively harmless. They even stole the image of Eve from Wall-E to make it look more innocent. It has a EULA and a fairly standard install:

Twambot Install

Once the installation is complete, this is what you see:

Twambot Run

All that remains is to log in and start spamming.

Sophos detects this as Troj/Twambot-A.

Posted on July 30th, 2009 by Beth Jones, SophosLabs US
Filed under: General, Malware, Web

Windows 7 security - A great leap forward or business as usual?

About SophosLabs

SophosLabs protects businesses from known and emerging malware - viruses, rootkits and spyware - and other computer threats like phishing, spam and scams. Learn more about the people who write this blog.

RSS feed

Hot video

International Kill-A-Zombie Day

SophosLabs blog

Related posts

About SophosLabs

Subscribe

Hot video

Recent posts

Categories

Archives

Sophos blogs

In this section

SophosLabs blog