Micro blogging site Twitter is the latest target of cyber criminals who are increasingly finding fertile ground on social networks.
A fake Twitter profile with a malicious payload has been spotted by security firm Kaspersky.
It purports to link to a pornographic video but downloads a fake version of Adobe Flash which installs programs capable of stealing data.
The attack is believed to be the first to target Twitter.
The attack is believed to have originated in Brazil because of the language it uses, the servers it calls on to download trojans and the e-mail address used to collect stolen data.
The fake profile has a name that means "pretty rabbit" in Portuguese. It tries to convince users to download the fake Flash video viewer in order to watch the associated video.
It comes as Kaspersky also releases details about two worms that target social networking sites MySpace and Facebook. More variants of these worms are also starting to turn up.
The worms transformed victims' machines into zombie computers, used by criminals to send spam, launch phishing attacks and harvest data.
They were disguised as a link to YouTube which also installed a fake version of Flash Player.
"Unfortunately users are very trusting of messages left by friends on social networking sites so the likelihood of a user clicking on a link like this is very high," said Alexander Gostev, a senior virus analyst at Kaspersky Lab.
Only those using Microsoft Windows are vulnerable to infection from these malicious programs.