Increased Number of Malware Assaults Launched via Social-Networking Websites

Vice-President and General Manager Gillis of the security technology business division at Cisco cautions that cyber-criminals are realizing that utilizing social-networking websites, particularly Facebook for executing malware assaults against particular individuals or organizations can yield far many successful outcomes. NetworkWorld published this in news on March 1, 2011.

Actually, the company lately traced assaults carried out through LinkedIn wherein the attackers utilized bogus profiles for dispatching connection requests, which seemed authentic, but actually planted malicious software on users' systems. The attacks were targeted on specific organizations for enabling theft of financial and other sensitive data.

Elaborated Gillis, for beating automated Koobface assaults, Cisco attempted at employing a graphic CAPTCHA. The method served purpose for 48-hrs till the time the attackers established one contractors' network that fed the CAPTCHA information and in return for it got electronic currency. V3.co.uk published this in news on March 1, 2011.

Moreover, following the above, the attackers created certain code they ran on contaminated PCs necessitating their operators for feeding CAPTCHA data alternatively have a system restart, Gillis further said.

Also as per the Cisco report, spammers are as well replacing tactics of bulk e-mail outbreaks with personalized assaults via social networks such as LinkedIn and Facebook. The method of spam could quite uncommonly allow the dispatch of 2bn e-mails within just one attack, Gillis stated. NetworkWorld reported this on March 1, 2011.

Significantly, cyber-criminals threatening brands related to social-networking websites aren't new. Operators of the Cutwail network of bots regularly dispatch e-mails masquerading as government organizations and leading social networks. What's unique about these assaults is that they put together very large amounts of e-mails for distribution, a concentration on commercial users, as well as a utilization of the Zeus banker Trojan.

Nevertheless, organizations must ask members for erasing such requests, particularly incase the contacting person's name isn't known.

Additionally, Cisco is using the same strategies of crowd sourcing malware studies as its way to respond. Stated Gillis, there could be a lot of clicks on authentic looking profiles so the fight against social had to be with social alone. V3.co.uk reported this on March 1, 2011.

Related article: Increasing Security Breaches in Canada Causing Loss of $637,000 a year

» SPAMfighter News - 3/11/2011