A new type of malware called “egocetic network analysis” has been found on the Twitter platform, the security company Polygon has revealed.
The new malware was discovered by a researcher using a “malware scanner” app developed by the security firm Symantec, and was spotted on July 28.
Symantec found the new worm, dubbed “Egocentric Network Analysis,” and confirmed it was “a new threat targeting multiple users on Twitter.”
Symantepedec warned the malware could spread to any of the hundreds of millions of people on Twitter.
“We have detected and disabled the worm on Twitter,” said Symantefc’s security manager, Patrick O’Brien.
“This malware does not appear to have been previously detected and the threat is very sophisticated.”
A security researcher using the app discovered the worm, and discovered it was targeting users who were in the US, UK, Germany, Spain, Italy, France, Belgium, Spain and Portugal.
Symantsec did not disclose the name of the user, or how the worm had been created, but said the new threat was targeting a “small number of accounts” on Twitter in the United States.
The worm was able to access accounts’ data, including photos and posts, as well as user’s passwords, as it targeted the Twitter API.
“A small number of users may have been affected by the vulnerability and the attack may have occurred when the affected users were not on Twitter at the time,” Symantewith.
The app also showed the worm was targeting “several” different types of accounts, such as “people who have multiple accounts and are using multiple accounts.”
In addition, it showed the vulnerability had been exploited to gain control of a “large number” of accounts.
“The attack appears to have started with a series of tweets from the account @gop, which were subsequently retweeted and shared by others,” Symantsec said.
The researchers said the worm would “continue to exploit Twitter users” until it was successfully “killed.”
“We are not aware of any direct exploit code or malicious code available for this worm, nor are we aware of an attack vector for this exploit,” they said.
Symanticec warned of the risk of this new malware being able to spread across a broader number of targets, including the US government, law enforcement, and military.
“Given that Twitter users are so small, and given that Twitter has the largest user base in the world, the attack is particularly likely to target people on the US and UK governments, and law enforcement,” they added.
“This worm also has the potential to spread to people using Google or Microsoft services in countries like Spain, France and Belgium.”
The company said the exploit could be used to infect a targeted device, or a website.