According to Patrik Runald, a security researcher with Websense, Sohaib Athar – aka ReallyVirtual on Twitter – gained attention recently by unwittingly posting updates about the presence of helicopters from his home in Abottabad.
"As can be seen from the screenshot, Mr Athar links to his blog, and I'm sure a lot of users who saw his tweets went there. Unfortunately for them, the site was compromised and was serving a poorly detected malware through the Blackhole Exploit Kit", says Runald in his latest security blog.
"Anyone going to this page would also load content from the malicious URL above, and the Blackhole Exploit Kit would then try to use several exploits to automatically install malware on the PC", he adds.
Runald goes on to say that the malware the drive-by-download attempts to install is a fake system tool named WindowsRecovery that claims to have found problems on the victim's computer.
To convince the user that something is really wrong with their system, he adds that malware hides all files and folders in the hard drives and on the desktop.
"But of course the scammers offer the user a quick solution to this problems with a purchase of the premium version of WindowsRecovery," he notes.