• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Current News   »   Social media malware on the rise

Social media malware on the rise

  • Posted on:February 24, 2015
  • Posted in:Current News, Industry News
  • Posted by:
    Trend Micro
0

As the world becomes increasingly interconnected through the Internet and other technologies, it seems there is no place safe from the crosshairs of cybercriminals. In recent years, users and businesses have seen hackers breach all kinds of targets, including individual desktops, mobile devices, POS systems and the corporate network at large. Recently, however, it appears that black hats have widened the scope of their attacks to include not only traditional vectors, but social media as well.

When looking at it from a hacker’s point of view, it’s easy to understand why social networks would be the next sensible target. Oftentimes, cybercriminals go where they have access to the largest pool of victims. With social media websites like Facebook, Twitter, LinkedIn and others steadily increasing their user numbers, it’s not difficult to imagine hackers utilizing these platforms to the advantage of their malicious activities.

But how exactly are cybercriminals leveraging social media for their attacks? Let’s examine this rising trend as well as how users can protect themselves.

Social media: Gateway to waterhole attacks
In recent years, attackers have used websites frequented by one or more members of a target group to infect these individuals and their devices with malware. For example, if a black hat is looking to go after a particular business and notices through observing network activities that a number of employees often use an informational website related to that industry, the hacker could place malware on the site – or create a legitimate-looking fake page – to lure staff members into infecting the network.

Kaspersky Lab director of global B2B marketing Mark Bermingham recently told PCWorld that this year, there will be an increase in waterhole attacks stemming from social media usage.

“Security measures can’t overcome stolen credentials and click-throughs to dubious links,” Bermingham pointed out.

In addition. security researchers at Proofpoint estimated that in 2015, there will be a 400 percent increase in malicious social media content.

Facebook Trojan attack
The presence of a Trojan attacking users through Facebook appears to support experts’ predictions for increased social media attacks. In early February 2015, security researchers discovered a pornography-based Trojan infecting users on the popular social media site, IT Pro reported.

The attack lures users into infection by promising racy content through a link. Once clicked, victims are able to view a preview of the pornographic content, but the video stops at the halfway point and asks users to download an updated Flash player to continue. The player is actually a malicious fraud, infecting victims and enabling hackers to control keyboard and mouse activities. Once the malware is installed, it posts the malicious link to the victim’s Facebook page and tags the user’s friends, thereby infecting all others that click on it. The malware is also able to send private messages to victims’ friends, spreading the infection even further.

As of early February, the attack had infected an estimated 110,000 Facebook users’ machines over a two-day period. After the discovery, a Facebook spokesperson released a statement noting that the website was utilizing several automated technologies to pinpoint and mitigate the damages of such infectious links.

“In this case, we’re aware of these malware varieties, which are typically hosted as browser extensions and distributed using links on social media sites,” noted the Facebook spokesperson. “We are blocking links to these scams, offering cleanup options and pursuing additional measures to ensure that people continue to have a safe experience on Facebook.”

Rebels lure enemies with malware honeypot sites
The Facebook Trojan isn’t the first time risque content was used to lure victims into malware infection. Ars Technica reported that this technique has been utilized by Syrian rebels as recently as February 2015 to steal sensitive information from rebel soldiers.

In the attacks, hackers leverage fraudulent social media and Skype accounts, appearing to belong to female supporters of Syrian rebel groups. These are used to trick rebel soldiers into downloading malware that captures a range of personal information from desktops and Android devices.

“The attacker asked for a photo of the target and then sent a picture of her own – a picture that the victim was too busy mooning over to realize it came with malware,” noted Ars Technica contributor Sean Gallagher.

Security researchers discovered that using this approach, hackers were able to gain access to personal details about their targets, as well as battle plans and other military intelligence belonging to Syrian government troops.

Protection comes down to awareness and diligence
Social media attacks can be much harder to protect against, as they are oftentimes very well disguised. For this reason, users must put in their due diligence and be sure that they understand the risks.

“Greater awareness and vigilance are the best defenses,” noted PCWorld contributor Tony Bradley.

Keeping up on the latest social media-based attacks and being wary of any suspicious links, message attachments and posts can help users prevent becoming a victim of these kinds of infections.

Related posts:

  1. Best Practices for Ensuring Privacy on Social Media
  2. How Much Do We Value Security and Privacy on Social Media?
  3. Social engineering attacks on the rise, part 2: social media and Iranian schemes
  4. Social engineering attacks on the rise, part 1: eBay breach

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Fujitsu and Trend Micro Demonstrate Solution To Secure Private 5G
  • Trend Micro Receives 5-Star Rating in 2021 CRN® Partner Program Guide
  • Smart Factory Cyber Attacks Knock Out Production for Days
  • Eliminate Hesitations: Security Simplified For Those Building In The Cloud
  • Nuffield Health Depends on Managed XDR with Trend Micro Vision One
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.