Juste (dot) ru, the video scam that’s been spreading rapidly on Twitter, is actually a double-headed beast.
We’re now getting reports of the same video links being spammed through user accounts on Facebook, too. If you get a Facebook message with a link to Juste.ru, DO NOT click the link or visit the site – it appears to steal your credentials for both Twitter and Facebook, then abuse them to spread the scam further. Your Facebook friends get spam messages, and your Twitter followers get sent malicious Tweets.
This is perhaps the most vicious of social networking scams we’ve seen, affecting two networks simultaneously. Given that it’s able to grab logins from both sites, we’re assuming that it works by installing malware on the host machine, rather than simply asking for login details. We’ll continue to update once we have more information.
Current advisory: do not click links to “juste (dot) ru†on either Twitter or Facebook today. Also avoid any links on Facebook that simply say “Video†or “Best Video†– I’ve seen at least one example where it seems the link is hidden behind a short URL.
If you think you might be affected (ie. your Twitter or Facebook accounts are sending out spam links), run a full virus and spyware scan, clear your browser cookies and change your passwords on both services.