A new virus is spreading around Twitter using the Google 'goo.gl' URL shortening service, posing as anti-virus software. Affected users may see tweets with links in their timelines ending with "m28sx.html," says Graham Cruley of security firm Sophos.Clicking on the link will take the user a page that claims the computer is infected, and attempts to trick him or her into installing the malware-infected software as well as to pay for disinfection. Once downloaded, the virus then posts a tweet under the users account with the link in an attempt to infect his or her followers.It is not immediately clear how the malware is gaining access to Twitter's API to make these posts. Typically a user must authorize any external applications to gain access to post tweets. Cruley said he isn't sure either."The natural suspicion would be that their usernames and passwords have been stolen," he wrote in a blog post. "It certainly would be a sensible precaution for users who have found their Twitter accounts unexpectedly posting goo.gl links to change their passwords immediately."
