Cyber Criminals Shift towards Social Networks for Command and Control

According to a new research by RSA (a security firm), cyber criminals behind few-targeted banker Trojans, which are a big threat in countries like Brazil and some South American nations, are increasingly taking the advantage of social networking websites as the command-and-control systems to spread their malware. The RSA antifraud experts discovered one of these attacks in process and saw it unfolding.

Such an attack is both simple and effective. This kind of attack starts when a crimeware gang makes one or more false profiles on a particular social networking site (RSA isn't disclosing the identity of the site, where they found the attack).

When a new computer is infected with such a banker Trojan, the malware visits the profile and gets new commands. In this case, a particular command starts with a string of continuous characters, which seems like a real mechanism. This allows the Trojan to discover that it has got the actual commands.

A RSA expert states that the criminals are taking the help of these social networking websites to cover up their actions, as per the report by securitywatch.eweek July 20, 2010,

According to the RSA experts, it is a disturbing fact that these attacks by the cyber criminals to social networks have many advantages. At first, there is no need to buy a domain name and to maintain it as a command and control point for botnet. Next, if a provider deletes an account, then a fresh account can be easily created for free.

The cyber criminals do not have to pay for or manage a secured server. Finally, the cyber criminals know that it is difficult for the cyber experts to detect their use of public resources.

The RSA cyber experts said that it should be noted that in spite of such benefits, banking Trojan threats, which manage communication systems on public networks, were very less in number and could not be seen as a regular threat, as per the report of thenewnewinternet on July 20, 2010.

They also added that when an attack was found, the support expert should be notified and these command and control system could be removed easily and quickly.

Related article: Cyber Child abuser Sentenced To Imprisonment

» SPAMfighter News - 8/2/2010