Hackers are now spreading malware through Twitter. It makes perfect sense: many Twitter users are “click happy”, and the platform is somewhat more “trustworthy” than links in emails, which many now recognize as spam. There are at least two variations of the tweets. One is formatted as @(your username) followed by the question “It’s you on photo?” paired with a link. The second is very similar and just as grammatically challenged: “It’s about you?”, also with a link. What they have in common is that it is not about you. The script that is executed when the link is clicked redirects to various IP addresses that in turn redirect to .CU (Cuba top-level domain), .CC, .SU (the Soviet Union top-level domain, even though the Soviet Union no longer exists), or .RU (Russian top-level domain). After all the redirects, you are treated to the Blackhole exploit kit.
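The two signals described above can be checked from a defender's side. This is an added example, not code from AVM Technology: it flags tweets that match the quoted lure format and redirect chains that pass through a bare IP address before reaching one of the named top-level domains. The function names, the sample tweets, and the sample chains are constructed for illustration.

```python
import re
from urllib.parse import urlparse

# Lure format quoted in the article: @username, one of two questions, then a link.
LURE_RE = re.compile(
    r"^@\w+\s+it[’']s\s+(?:you on photo|about you)\?\s+https?://\S+",
    re.IGNORECASE,
)
# Top-level domains the article names as redirect destinations.
SUSPECT_TLDS = {"cu", "cc", "su", "ru"}
IP_HOST_RE = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")


def is_lure_tweet(text):
    """True if the tweet text matches one of the two lure variations."""
    return bool(LURE_RE.match(text.strip()))


def matches_described_chain(chain):
    """chain: ordered URLs recorded for one click (e.g. from proxy logs).
    True if a bare-IP hop is later followed by a host in a suspect TLD."""
    hosts = [(urlparse(u).hostname or "").lower() for u in chain]
    seen_ip_hop = False
    for host in hosts[1:]:  # skip the link that was clicked
        if IP_HOST_RE.match(host):
            seen_ip_hop = True
        elif seen_ip_hop and host.rsplit(".", 1)[-1] in SUSPECT_TLDS:
            return True
    return False


# Constructed sample data (documentation IP ranges, made-up host names).
SAMPLE_TWEETS = [
    "@alice It’s you on photo? http://short.example/a1",
    "@bob It's about you? http://short.example/b2",
    "@carol nice photo of you! http://short.example/c3",
]
SAMPLE_CHAIN = [
    "http://short.example/a1",
    "http://192.0.2.10/r.php",
    "http://198.51.100.7/go",
    "http://constructed-sample-host.su/index.php",
]

if __name__ == "__main__":
    for tweet in SAMPLE_TWEETS:
        print(is_lure_tweet(tweet), tweet)
    print("chain matches:", matches_described_chain(SAMPLE_CHAIN))
```

The TLD check alone would flag a great deal of legitimate traffic, which is why the function requires the bare-IP hop first, as in the chain the article describes.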
AVM Technology recently discussed this with Gray Hall from NBC 12 in Richmond, Virginia.
You may also read more details in AVM Technology’s blog post.