Twitting in a new way

There is a post on Mashable that outlines how to game Twitter into becoming a natural environment to spread malware. There is little to none incentive to create pure spam feeds, as they will, undoubtedly, be closed and all future links will be marked with “nofollow” attribute. Malware, however, is whole another story. In this case the attacker doesn’t have to have clean direct links. In fact, as it is mentioned in original article, attacker, actually, have to mask destination with some sort of shortener (worse yet, if the link looks like “legit” affiliate link). By gathering large enough audience, an attacker can get to them in a single strike. And if the destination look innocent enough, he might get away with it just long enough. After all -it all is still same old social engineering.

Educated guess says that Jaiku might be vulnerable the same way. Just look what happened to the (aka Blogspot) – it became free doorway hosting service right at the beginning…