Many Twitter users have been affected by a fake goo.gl virus attack, according to a report by sophos. This virus automatically tweets malicious links without users’ knowledge and permission.
Many tweets from affected users containing no message other than a goo.gl shortened link (Google’s equivalent to bit.ly or tinyurl), which itself points to a URL ending with “m28sx.html”.
The malicious goo.gl links ultimately take you to a website which attempts to scare you into believing that you have a virus problem on your computer. You are then frightened into installing malicious code on your PC, and asked to pay money to disinfect your systems. Sophos is adding detection of the malware as Troj/FakeAV-CMG.
It is observed that, most of such malicious messages have been posted by “Mobile Web”, Twitter’s “lite” interface for generic mobile phone users, rather than normal clients such as Tweetdeck or Twitter for iPhone.