Malware Targets Social Networking Sites

The rising spread of malware on social networking sites is beginning to garner interest among the IT community and experts are being consulted to provide a clearer perspective on what is taking place. UAB's director of research in computer forensics, Gary Warner, was recently quoted in an article featured as the cover story of SC Magazine that discusses the current issues that are present at a time when social networking is becoming more popular even among businesses.

Below is an exerpted portion of the article.

“Perhaps the most prolific attack occurring specifically within social networking sites is Koobface, a data-stealing worm that first struck MySpace and now mostly propagates on Facebook, according to Kaspersky. The number of variants skyrocketed from 109 at the start of the year to around 930 at the end of June. The malware spreads through messages in which users receive a link to a video claiming to come from a friend. However, if victims follow the link, they are asked to download a fake Adobe Flash update, which installs the worm.

Gary Warner, director of research in computer forensics at the University of Alabama at Birmingham, has analyzed trojans that, instead of being designed to steal banking credentials, have been customized to siphon login details for social networking sites. The malware authors then use these to hijack legitimate accounts to send spam links to friends, resulting in a higher click-through rate than one might achieve through junk mail.

“Compromising these accounts is now a new path to money,” Warner says. “It all goes down to targeting your message for a higher rate of return by creating an assumption that there is a relationship with the advertiser. If it's from your friend, you'll always answer it .”

To read the full article go to: http://www.scmagazineus.com/Social-network-security-Social-anxiety/article/141347/ (linked to from news.google.com).