A quick warning for Twitter users today, a new Twitter worm exploit has been discovered that uses the Google URL shortener service, sending users to fake antivirus sites.

The worm works by sending users through a goo.gl link to a site that offers a service called “Security Shield” which is in fact a piece of malware.  The malware as detected by Sophos virus scans is called Troj/FakeAV-CMG.

Twitter is aware of the worm and their safety account claims they are “working to remove the malware links and reset passwords on compromised accounts.”

If you’ve followed a Goo.gl link in the last 24 hours, I would recommend running a full system scan and changing your Twitter password as soon as possible. [Read more…]