August 3rd, 2009

Twitter turns to Google for help with malware attacks

Posted by Ryan Naraine @ 2:54 pm

Categories: Anti Virus, Arbitrary Code Execution, Botnets, Browsers, Data theft, Exploit code, Google, Pen testing, Phishing, Responsible disclosure, Spam and Phishing, Spyware and Adware, Web Applications

Tags: Google Inc., Malware, Twitter, Attack, Safe Browsing API, Spyware, Adware & Malware, Cyberthreats, Viruses And Worms, Security, Ryan Naraine

As it scrambles to cope with a noticeable surge in malware attacks targeting its users, Twitter has found a friend in Google.

The popular micro-blogging service has quietly started using the Google Safe Browsing API to block links to known malicious Web sites.

[ SEE: Guy Kawasaki's Twitter account hijacked, pushes Windows and Mac malware ]

The Safe Browsing API allows client applications to check URLs against Google’s constantly updated blacklists of suspected phishing and malware pages.

F-Secure’s Mikko Hyponnen first noticed the anti-malware blocker on Twitter earlier today.  If a tweet contains a link to a site blacklisted by Google, Twitter blocks the communication with a notice that it contains a URL to a known malware site  (click image for full version):

The move could not have come sooner.   Twitter has slowly emerged as a lucrative phishing spot for identity thieves and malware purveyors.  Over the last six months, the service has been hit by a variety of Trojan, worm and spam attacks and high-profile account hijacking.

The company has already retained a well-respected penetration testing firm to audit the security of its service and is in the process of beefing up its internal security staff.