Tool opens up new ways to defraud people on Twitter.
Researcher Pedro Varangot at Core Security, a company specializing in penetration testing, has demonstrated a tool to clone user accounts on Twitter and carry out targeted attacks against the account holder's contacts, according to a report published on the website Dark Reading.
The demonstration took place this week at the RSA Conference 2010 security conference in San Francisco.
Core Security aims to make the tool available for those who want to use it in conjunction with various types of security work, such as education, awareness and penetration testing.
Varangot and Core Security believe social network services will be used increasingly to spread malicious code. So far, attacks have relied on e-mail. The problem for criminal hackers with e-mail is that users are becoming less credulous. Social network services are already used extensively to spread spam and worms, and are regarded as an effective medium for targeted phishing.
The first version of Core Security's tool works on Twitter, but should be easy to extend to exploit other types of social network services, including Facebook.
The tool is based on Exomind, a separate framework for Python that Core Security has developed to test how social services, search services, and instant messengers can be abused.
The IT security company is convinced that criminal groups will develop similar technology independently.
The Twitter tool retrieves a Twitter user's profile as the basis for a faithful copy of the user's Twitter page. The user's tweets are captured continuously, so it is easy to lure their contacts over to the fake page. In this way, those who use the hacking tool can steadily expand the number of Twitter accounts they control, and thus spread malicious links that people tend to trust, since they come from familiar sources on Twitter.
Another way to use the tool is to collect IDs on the social network and sell them to criminal groups, in the same way that other types of IDs are gathered and sold.