Threat Database Malware Time On Tweeter

Time On Tweeter

By ESGI Advisor in Malware

Time On Tweeter is a fake Twitter application, which recently has rapidly spread and evolved. Do not give Time On Tweeter access to your Twitter account, and if you already have given Time On Tweeter access, revoke it as soon as possible. Time On Tweeter is malicious.

What Time on Tweeter Does, and How it Spreads

Time On Tweeter takes advantage of the curiosity of Twitter users, by offering to advise you how much time you have spent on Twitter. It sounds like an innocent enough idea, and since a lot of Twitter users apparently worry that they are spending too much time on the social network, Time On Tweeter draws in users. What happens is, you see a tweet from someone else, and it will say, “I have spent 11.6 hours on Twitter. How much have you? Find out here: [malicious link].” Initially, the links were shortened using, but since the scam was first caught, they have switched to and other linking methods.

In any case, if you click on the link, it takes you to a window asking if you want to give Time On Tweeter access to your Twitter account. If you agree, Time On Tweeter immediately generates the same "11.6 hours" message as a Tweet from your account, and redirects you to some quizzes that are essentially fake, because they are advertisements in disguise. If people click on the Tweet that came from you which contains the malicious link, they will go through the same process. In other words, Time On Tweeter never tells you how much time you have spent on Twitter.

Time on Tweeter’s Clones and Mutations

Because of the extremely fast pace of Twitter, with new Tweets constantly appearing and with posting occurring in real time, Time On Tweeter has had to adapt in order to avoid suspicion. In addition to the other linking methods that the fake application has begun to use, Time On Tweeter also has taken on a few other names. Some of the names that have been identified are “Time on Tweet” and "How many hours?" Accordingly, the variations on Time On Tweeter use a slightly modified Tweet, instead of the 11.6 hours Tweet. One version always says, “I have spent 10.6 hours on Twitter. How much have you?” while another says, "I have spent 12 hours and 25 minutes Twitter in 2011. How much have you? Find out @ [malicious link]." Just like Time On Tweeter, these other versions don't actually calculate how much time you have spent on Twitter, and they show the same time-spent Tweet on every affected account.

Why Time On Tweeter is Dangerous

At first glance, you might think Time On Tweeter seems harmless enough. After all, all Time On Tweeter is doing is posting a Tweet and directing you to advertisements, right? Unfortunately, there's more to it than that. When you give Time On Tweeter access to your Twitter account, you make the personal information associated with your account vulnerable to theft by the fake application. Furthermore, Time On Tweeter (and Time On Tweeter's clones) can be used to plant links that redirect anywhere, and that includes malicious websites. Because Time On Tweeter uses link shortening, you can't see the actual URL of the page you are going to until after you've clicked it. So, you can never be sure that the links included in Time On Tweeter's fake posts don't lead to sites that will harm your computer. In any case, why use an application that doesn't do what it says it will do? Even if you doubt that Time On Tweeter is dangerous – which Time On Tweeter is – there is no reason to let a useless application access your account.

As previously mentioned, because Time On Tweeter is spreading through Twitter, Time On Tweeter is evolving quickly. Therefore, it is almost a certainty that Time On Tweeter will develop more clones, with more alternate names, and different fake Tweets. In order to protect yourself, keep an eye out for any Tweet that claims to link to an application that will tell you how much time you have spent on Twitter. Also, use caution when clicking on shortened URL's in Tweets, even if the link is provided by someone you know.


Most Viewed