Mobile Security Threats and Malware Increased in Q4 2010
Cyber criminals are keeping tabs on what's popular and what will have the biggest impact from the smallest effort.
That social networks help spread malware is not exactly news. I've talked about it for a while. But a recent report from Dasient showed just how easy it is to spread malware via social media. Why? Because most social media networks do not check the links in users' posts to see if they could lead to Web malware threats such as drive-by-downloads. Also, Dasient's research revealed that social networks do not seem to be screening their ad landing pages with automated systems that look for drive-by downloads of malware.
Why is this such a problem? Because a good percentage of the status updates on social media have links attached to them, and because the sites are scanning the links for malware, there are little to no safeguards in place to let users know the sites are safe. And I don't know about you, but lately I've noticed that an alarming number of my Facebook friends are sending infected links unknowingly. According to the report:
Social networking sites are open platforms for communication that can be used by anyone, and cybercriminals are regularly conducting "tests" and attacks that are harmful, unlike the benign tests that we conducted during the compilation of this report. The cross-site-scripting attacks that took place against Twitter in September 2010 are a clear example of how attackers conducted harmful tests and virally evolved their attacks using the network effect of the site itself. Even more significant attacks against many social networks have been conducted by the Koobface botnet -- as per a study conducted by the Information Warfare Monitor, "Koobface spreads through social networking platforms by using credentials on compromised computers to login to the victim's account and send messages that contain links to malware to friends that are linked to the account. The malicious link is often concealed using the URL shortening service bit.ly and sometimes redirects once again through a Blogspot blog to a malicious Web page that encourages the user to run the accompanying executable.