Social Networking Threats...

October 2009

SSE 2009: Geographically targeted attacks could be future of social network threats. Just as social networks such as Facebook are seeing advertisement targeted depending on users’ settings and geographical location, so could malware and other threats be targeted specifically, said a senior security researcher at Kaspersky Lab, Romania, at the ISSE 2009 conference on October 7. He told the audience that messages on social networks could read along the lines of “a bomb has just gone off in xxx”, where the location is filled in on a city near the user based on geographical IP information. The researcher said it is only a matter of time before these targeted attacks will become automated. The same logic of fooling victims by using geographical information is being used by Nigerian phishing scammers that use translation software to target potential victims in their own language. In the ISSE 2009 presentation, the researcher demonstrated the increasing popularity, and importance placed on, social networks and how this makes them attractive to cybercriminals. Recently, Facebook reached over 300 million users world wide, and with such a wide user base, social networks become more and more attractive to malware writers and cybercriminals. According to Kaspersky figures, there were 43 000 samples of social networking malware at the end of 2008 and the number more than doubled every year. A particular trait of social networking malware is that it tends to exploit the human factor luring users to infect their own computers.