Twitter is back in the news again for the wrong reason with reports that it has been hit by a scareware scam.

Some Tweeters fell victim to the scam which invited them to a Best Video buy link, which actually took them to a site offering a rogue security application.

The brief messages, which contained a hyperlink (juste.ru), bombarded certain Tweeters and once clicked, the link took them through to a Russian domain. The site appeared to show YouTube content, but was actually delivering an infected PDF via an IFRAME. The PDF was riddled with exploits that targeted Adobe Reader versions that remain un-patched.

Once infiltrated, the computer users then saw a screen which said that their systems were infected and that it needed to be cleaned using a particular security software package which, of course, would then download malware onto the machine.

A recent report said that such attack had increased over 200% in the second half of 2008 and once attacked, the desktop would find it difficult to recover without specialist help.

And although such attacks are common on many applications, downloads and websites, this is believed to be the first concerted scareware attack via Twitter. Ironically, the offending app is known as ‘System Security.’

Computer security experts believe that people who Twitter are particularly vulnerable to such attacks, as the high volume of messages and the intimacy of the service leads to a certain susceptibility, as though users cannot believe hackers would have the wherewithal to attack such a social system.

But with the Twitter ranked in popularity only behind Facebook and MySpace with an estimated six million unique monthly visits, the problem is set to get worse over time.

Twitter confirmed that it had been attacked, but that all the offending messages had been removed.

Guest Article by Neil Camp