Breaking Bad Fans Targeted by Twitter Spam
On the heels of its mosthighly acclaimed episode, Breaking Bad fans tweeting about the popular AMC show may find themselves targeted by a new Twitter spam
tactic.
Traditionally, spammers and scammers abused the reply functionality built into Twitter, but their tactics continually
evolve to find ways of gaining visibility among users. The most recent tactic is called list spam.
ATwitter list consists of a curated group of Twitter users. Users can create their own lists or subscribe to existing lists already
created by others. Spammers are using this feature to get the attention of Breaking Bad fans.
Various lures have been used in Twitter list spam recently, from offering celebrity phone numbers to free gift cards,
devices and video games.
This weekend, the penultimate episode of Breaking Bad, “Granite State,” will air. The show has received a lot of buzz
and fans have eagerly counted the days until Sunday. Spammers are leveraging the show’s popularity to trick users into
downloading a leaked copy of the final episode.
Twitter list spam starts off with addition to a list along with thousands of other users. The list is then spammed with
the link presented in the description.
The URL leads to Pastebin, which contains links to different file hosting services for downloading the episode.
Once downloaded, there are two files in the Zip: a text file named “How To Open – READ FIRST.txt” and a large file
(nearly 300MB).
In order to open the large file, users are instructed to download the latest version of 7-Zip. The link directs users
through an affiliate program, which is how scammers make money, and the affiliate program directs users to an installer
that comes bundled with unwanted applications.
Ultimately, installation of this file is unnecessary as the video file can be opened in any media player.
Unsurprisingly, the downloaded episode is from earlier this season.
Twitter list spam isa new trend, one that is gaining quite a bit of traction. If you find yourself added to a Twitter list, you can remove yourself
from the list byreporting the user that added you.
More information is available in the Symantec Security Response Blog.
ENDS