The malicious tweets often read “It’s you on photo?” or “It’s about you?” The tweets and URLs often include a user’s Twitter handle. Many of the links Sophos discovered have a .RU domain name.
“The attack itself is very simple, relying on people’s natural curiosity about anything they think mentions them. Including the target’s Twitter username in the link is an added hook to reel people in,” Richard Wang, head of Sophos’ U.S. labs, said in a statement.
The links in the spammed tweets lead to a Trojan that ultimately redirects users to Russian websites containing the Blackhole exploit kit, Sophos said.
Better make sure your antivirus software is up to date. Also update all of your programs and operating system. As always, it’s scary out there in the interwebby. Be careful.