Social Networking Sites are Rewarding for Badware Producers
Posted by Laureli Mallek
Social networking sites are fun. I’ve spent unknown hours procrastinating with them and my experiences have generally been favorable. Logging onto my account recently, I found multiple private and public messages from a contact, a high-school friend, who was trying to sell me sunglasses, lots of sunglasses, a variety of designer frames at discount prices that I could purchase by clicking the link in the post. Instead I clicked through to her page and realized that her account had been used to message all of her contacts with this dubious message.
A recent Security Fix post by Brian Krebs at the Washington Post reviewed Symantec’s findings that phishers are actively targeting social networking sites. “Spreading malware via hijacked social networking accounts is ideal because people are far more likely to click on a link recommended by someone in their close circle of friends than they are a link that arrives in a message from a complete stranger,” writes Krebs. The phishers ride on the trust established by a normally benign networking site to lower a user’s suspicion of unknown links. These sites are also extremely popular; four out of the 10 most visited websites are focused on social networking.
These links can initiate drive-by downloads, which StopBadware has reported on in detail as part of the Trends In Badware 2007 report. Drive-by downloads are a major and continually growing trend in badware distribution. The report states: “As in offline drive-by attacks, the victim is going about his normal life and is simply in the wrong place at the wrong time.” These attacks function with a minimum of user interaction, because the linked-to website may contain an invisible iframe or another gateway for malicious intervention.
Although the techniques are new, the goals of malware writers have stayed the same. Krebs writes:
“Cyber crooks are still principally out to steal financial and personal data that can be resold to identity thieves or converted into cash. And data-stealing computer viruses remain among the most expedient way to extract that data from victims.”
As badware production evolves, threats become more difficult to detect because obvious signals, such as messages from unknown users and limited language proficiency, are avoided. Maintaining a level of skepticism while browsing is essential to your safety and that of your entire social network.
