Constant connectivity to social networks goes hand-in-hand with malware
Posted on 10.10.2012
In September, GFI threat researchers documented a number of cybercrime campaigns directed at users of various social networking sites including direct message spam on Twitter and a phony Pinterest application.

Users of Android smartphones and tablets also encountered mobile malware under the guise of Grand Theft Auto and lingering Olympics 2012 applications.

"With the emergence of smartphones and widespread access to the Internet, today's consumers have an ever-growing demand for constant, reliable connectivity at all times. However, constant connectivity to social networks, websites and email goes hand-in-hand with constant threats of malware, spam and phishing attacks," said Christopher Boyd, senior threat researcher at GFI Software. "The convenience of being connected 24 hours a day requires constant vigilance if the user wants to keep their personal devices and sensitive information safe from cybercriminals."

Many Twitter users received direct messages linking them to a phony login page for the "Twitter Video" application on Facebook. Users who entered their Twitter account credentials had their own accounts hijacked for direct message spam campaigns and were directed to download an Umbra Loader Botnet building tool disguised as a Flash Player update.

Pinterest users looking for a way to quickly and easily view full-sized images without having to click through to individual pages were also targeted with the fake "Pin Photo Zoom" application which infected their system with adware.

Mobile users using Android devices continued to be at risk of downloading malicious programs last month including a fake "Results for the Olympics" application which sent premium text messages from the victim's phone. Mobile gamers were also targeted with a phony Android version of the popular video game Grand Theft Auto: Vice City containing a Boxer Trojan disguised as a Flash Player.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 4th