Social Networks Top Hackers' Favorites
It should not come as a big surprise that hackers are more and more interested in social networks. Just how much, however, is underscored by Breach Security's Web Hacking Incidents Database 2009 Bi-Annual Report. According to their research, social networks like Facebook and Twitter were the most targeted vertical market in the first half of 2009, accounting for 19 percent of all hacking incidents.
Last week, Arbor Networks' Jose Nazario discovered an attempt by attackers to use Twitter as a command-and-control channel to send instructions to infected computers. Since then, Symantec and others have come out with additional research shedding light on the situation. According to Symantec, obfuscated Twitter messages are being used to send out new download links to malware Symantec calls Downloader.Sninfs, which in turn downloads a password-stealing Trojan known as Infostealer.Bancos.
"Our investigation and analysis of Downloader.Sninfs is ongoing but has so far shown that it reads a specific Twitter.com RSS feed only once," blogged Symantec researcher Peter Coogan. "The RSS feed is simply a text file similar to other RSS feeds found on other Internet sites. The RSS text file contains information as to where Downloader.Sninfs can find additional threats to download onto the compromised system. In this way the RSS file acts like a config file for the malware."
Beyond this incident, the notorious Koobface worm continues to enjoy success, and numerous malware campaigns targeting Facebook and other sites have made headlines in the past several months. Part of this is likely due to their success rate. Kaspersky Lab reported earlier this year that malware attacks over social networks were 10 times more effective than those launched over e-mail. Taken together, the situation underscores the fact that attackers are going to follow users -- as social networks continue to grow, so will their footprint on the threat landscape.
"The dramatic rise in attacks against social networking sites this year can primarily be attributed to attacks on popular new technologies like Twitter, where cross-site scripting and CSRF worms were unleashed," Ryan Barnett, director of application security research for Breach Security, said in a statement. "Looking back at 2008, a notable election year, government-related organizations were the top-ranked attack victims and have now dropped to number three. The WHID report demonstrates that hackers can be fickle, following popular culture and trends to achieve the most visible effect for their efforts, which means that companies must be vigilant in implementing web application systems and monitoring application activity."


Comments (4)
So, in plain English, will you tell us what this means for the consumer and how to protect ourselves?
Posted by therealhellkitty | August 18, 2009 12:45 PM
To protect yourselves.. and your personal data.. I recommend installing a good antivirus solution (I use BitDefender Internet Security 2009.. but they just launched the 2010).. and.. don't ever open files that look suspicious.. and always pay attention to links..
Good luck and stay protected!
Posted by janiesmiling | August 19, 2009 5:26 AM
Anti-virus/spyware excels at stopping malware over a month old but fails with attacks less than a month old. Panda Laboratory recently reported that attackers stop using new malware samples after 48 hours. This is part of the cat and mouse game whereby the cyber criminals can make malware variants far faster than the anti-virus/spyware vendors can make signatures to detect them.
I posted an article on why cyber criminals prey on social networking and how users can protect themselves:
http://www.blueridgenetworks.com/securitynowblog/endpoint_security/worms-virus-trojan-rob-facebook-myspace-social-network-users
An example of security software that stops these attacks without requiring virus signatures or other attack-specific identifying characteristics is AppGuard. There are other products. They all are available for a free 30-day trial. Choose one that is easiest and least disruptive for you.
Posted by Eirik Iverson | August 19, 2009 11:47 AM
@therealhellkitty:
Many of the attacks can be avoided by having strong passwords that can't be easily guessed and aren't common dictionary words, and by not clicking on the links without knowing where they go. You can go to www.longurl.org to parse any shortened URL that you may want to click, or if you use Firefox, there's the LongURL add-on that parses the link for you. You just hover the mouse over the link.
Our threat report talks about the growth of Web 2.0 threats and some ways to protect yourself.
Having up-to-date anti-virus and a good firewall will help a great deal, as will making sure all Windows and OSX patches are applied. No solution is 100% foolproof, but it certainly beats 0%.
Beth Jones, SophosLabs
Posted by Beth Jones | August 20, 2009 8:54 AM