Crooks are going after Twitter users once again, this time with a “Best Video” tweet that attempts to lure victims into visiting a site that will launch PDF-based attacks.
According to an analysis from Kaspersky, visitors to the juste.ru site (which you of course shouldn’t visit) will see an embedded YouTube video. But behind the scenes, the page will launch an exploit-laden PDF attack that, if successful, will install a fake antivirus program called “System Security.”
The Kaspersky researcher didn’t find any evidence of a self-spreading worm, and instead theorizes that the scammers behind this attack used stolen logins from a recent “TwitterCut” phishing attack against the service to send the poisoned tweets.
Twitter says it is aware of the problem and is working on it. To stay safe, in addition to avoiding any “Best Video” tweets, be sure that any Adobe software is up to date. Flaws in Reader and Acrobat are a huge target for online crooks right now.