Tweetdeck has announced that a series of malicious tweets are circulating that ask users to download a new version of Tweetdeck, but actually the link downloads a software trojan (virus) onto your computer.
Possibly, this attack was timed to coincide with Twitter’s move to OAuth today – i.e. the attackers may have thought that some people would think they needed to upgrade Tweetdeck because of the change – but no way to know for sure.
Here’s how Tweetdeck’s blog explains the threat:
“We are seeing a number of updates on Twitter urging users to download a file called “tweetdeck-08302010-update.exe” from a URL beginning withhttp://alturl.com/.
These tweets are from hacked accounts and this file does not come from us. Do not download it.
Official updates are exclusively available at: http://www.tweetdeck.com/desktop/ To ensure your safety TweetDeck files should only be downloaded from this location… If in doubt, only download from here or http://www.tweetdeck.com itself.
The updates often being with one of the following phrases:
- TweetDeck will work until tomorrow, udate now!
- Download TweetDeck update ASAP!
- Update TweetDeck!
- Hurry up for tweetdeck update!
- Sorry for offtopic, but it is a critical TweetDeck update. It won’t work tomorrow!