Social sites become new tool to propagate malicious codes

Social networking has been a growing phenomenon. It has been gaining momentum at a very good pace. So much so that most of the users have accounts with multiple sites. As per market estimate, revenues from social networking services will grow to around $2.4 billion by 2012. It is because of this ever-growing popularity, social networks have been a continuous target of cybercriminals to proliferate their malicious schemes. Trend Labs Researchers received samples of another Facebook spam, this time also taking advantage of the popular micro-blogging site, Twitter.

The mail, which poses as a Facebook notification message, uses adult-themed strings to lure users into opening the attachment. The .ZIP file attachment, Twitter.zip, contains the file twitter.html, which has an embedded malicious script that Trend Micro detects as JS_REDIR.AE.Social networks are still on the verge of reaching their peak, as an increasing number of users spend more time on managing their accounts.

According to the latest findings by Nielsen, social networking and blogging account for one in every four-and-a-half minutes people spend online.With Facebook still remaining as one of the world’s most popular social media sites and Twitter not far behind, cybercriminals will most likely use these sites more and more to propagate malicious codes.

Koobface is a classic example of a worm that spreads via social networking sites such as Facebook, Bebo, and Friendster. Koobface has been particularly problematic for Facebook users, and maintains a rather consistent presence among Facebook social network users. Facebook, which has over 300 million users, was the original target of the KOOBFACE botnet. Following are four easy-to-follow tips that can help you avoid infection by Koobface and other social networking worms.

Avoid promiscuous friending. Spammers, phishers, and worm distributors abound on social networking sites. Rather than attempting to win an imaginary and virtual popularity contest, demonstrate your self-confidence and restraint by not accepting friend invites from strangers. Your real friends will appreciate it.

Log out of the social networking site when it's not being used. Worms like Koobface can only spread when you are logged on to Facebook or other social networking account. Staying logged off when not in use can help minimize the potential for spreading Koobface or other social networking worms.

Use a unique strong password on each account. If you have multiple social networking accounts, use a unique password for each. For an easy to remember secure method, see: Creating and Maintaing Strong Passwords.

Never click links in messages received unexpectedly and never, ever login to any site as a result of clicking a link in a message. If you do follow a link that instructs you to login afterwards, close the page, then open a new page and visit the site using a previously bookmarked or known good link.

As social networking sites steadily increase in visitor traffic, the number of malicious activities will continue to proliferate. Cyber criminals misuse the credibility & popularity of such sites for their own profit. They could play with users' personal information in order to commit ID theft. For eg: Recently Cyber criminals used Twitter as a technique to lure users into clicking a malicious link. Since Twitter is a trusted source, users may think the email they received is legitimate. In fact, Twitter itself is also becoming a means of spreading spam. As discussed by Trend Micro researchers malicious Tweets now lead to malicious .PDF and .EXE files detected as TROJ_PIDIEF.JCS and TROJ_SMALL.LEC, respectively.