TweetFollow is an iPhone application available from http://www.b1te.com/tweetfollow/

Unfortunately for the application vendors though, tweetfollow.com (DON’T GO THERE) is also a domain that is hosting malicious JavaScripts that redirect the visitor to download malware.

In a textbook example of cybersquatting and trend surfing, these cybercriminals are banking on the popularity of both Twitter and the iPhone to maximise their infection rates. The site host a malicious JavaScript file which redirect the visitor and push malware down to their PC.

The JavaScript is called app_info_next_312.js and a quick search reveals almost 100 other servers hosting a JavaScript with the same name. Of course the name is meaningless in terms of detection and Trend Micro detect the malicious JavaScript (whatever name it goes under) as JS_IFRAME.AKK. The site distributing the malware is also blocked by the Smart Protection Network

Tweetfollow.com was registered on the 31st December 2008, and there appear to be 103 other websites hosted on the same server many of which contain similar malicious content. What is not yet clear is whether this server is a victim (of hacking) or a perpetrator, but what is clear is that you should avoid all links to this site for now.

No related posts.