Understanding Malware: Role of Social Networking
Malware attacks are a growing concern amongst enterprises. It not only results in downtime but also poses the threat of data theft. In the third of this four part series on malware attacks on enterprises, we explain the relationship between social networking and malware.
Relationship between social networking and malware
Social networking platforms and instant messaging services, along with peer-to-peer networks are the favorite vectors for disseminating different malware. Because of their wide popularity among computer users and the amount of personal information stored, social networking platforms have become the favorite hunting place for attackers.
Spamming is also a common practice among social networking service users. Although Twitter and Facebook have begun reinforcing their policies, unsolicited comments, advertisements, graffiti and other types of spam are still present. Another service, such as the professional network LinkedIn, has become the favorite playground for people and organizations offering miscellaneous services. Spammers attempt to join users’ professional networks and then bomb them with messages advertising their products or services. During the past six months, multiple variations of LinkedIn spam have been identified- a warning sign showing that the precarious state of the global economy pushes more and more providers into abusively marketing their services via social networks.
While spam and phishing sum up almost 80 percent of the e-threats related to social networks, worms exploiting large platforms have rapidly escalated. During the last six months of 2009, numerous families of worms have been pestering the most important social networks such as Twitter, MySpace and Facebook.
Initially spotted on August 2008, the Koobface worm has been one of the most active and destructive e-threats affecting social networking platforms. The cyber-criminal team behind the worm has released multiple variants of it in order to extend their reach with multiple social networking services. The worm has been initially designed for Facebook, but subsequent variants of Win32.Worm.Facebook.A also targeted MySpace and Twitter accounts.
The viral infections took most of the platforms by surprise and the damage inflicted to users was beyond imagination. The infection technique was simple yet efficient: the worm used compromised accounts to lure friends into clicking the infected links.
Other Facebook worms blend social engineering with highly-advanced URL manipulations resulting in a cross-site request forgery in order to submit their message every time the user clicks on an infected link. These specific Cross-Site-Request Forgery attacks (also known as XSRF) are based on iframes running third-party scripts to manipulate Facebook into behaving as if the account user had sent a wall post.
The attacks on social networks can cause productivity loss - slowed networks due to the bandwidth waste, reduced e-mail processing and storage capabilities, time spent to sort and discard the unwanted messages, resource consuming collateral damages, such as detection and removal of malware, etc.
This article has been written with inputs from Catalin Cosoi, Senior Antimalware Researcher, BitDefender.
- How Does The CEO Become A CEO?
- Have We Learnt A Lesson From Facebook-Cambridge Analytica Crisis?
- Here's A Way To Protect Yourself Against Manipulated 'Fake News'
- 8 Out Of 10 Most Valuable Brands Are In Tech: Study
- How To Avoid And Mitigate Risk Of Fake News
- Facebook Updates Workplace To Woo Business Consumers
- Facebook CEO Explains How They Will Fix Data Privacy Issues
- All You Need To Know About Facebook-Cambridge Data Leak Saga
- IT, Digital Firms Comprise LinkedIn's Best Cos For 2018
- 3 Indian Brands that Know How To Use Humour on Twitter