Targeted social media attacks said to be underreported

Cybercriminals' use of Facebook, Twitter and other social media in targeting individuals with malware is an underreported problem that affects many organizations, says one security expert.

Security company Cyber Squared reported this week how three Chinese political activists in and outside of the country were sent tweets from Twitter that contained links to two compromised websites. The sites, which included a Chinese language forum and a Tibet-related WordPress blog, loaded Adobe Flash exploits.

The tweets were sent Feb. 28 under the malicious Twitter account @hahadaxiao1. Cyber Square notified the social network two days later about the account and the associated attacks.

Targeted attacks through social media tend to be undetected by companies, so the number of attacks is underreported, said Rich Barger, chief intelligence officer for Cyber Squared.

"I think this is entirely underreported and under-detected," Barger said. "I don't think folks are looking for it."

Twitter and Facebook are often used by cybercriminals to communicate with malware in an infected computer. One of the first examples was in 2009 when Symantec reported that a Facebook account was being used to send configuration data to a Whitewell Trojan. An actual command-and-control server handled all the other chores.

The use of social media to distribute malicious links to specific individuals makes sense because of the amount of personal information available to cybercriminals through social networks. Depending on how much of a person's profile is shared publicly, a criminal can sometimes learn enough to tailor a tweet or message to trick the recipient into clicking a link.

[Also see: Social engineering -- the basics]

Also, the number of employees on social media is increasing, as companies incorporate the use of Twitter and Facebook for marketing purposes. As a result, social networks are often becoming the source for targeted attacks.

"It's growing in terms of its choice for attackers, especially when you consider how social media is being adopted almost as a standard business practice," Barger said.

The latest targeted attack shows how cybercriminals are broadening their tactics in going after individuals. In March, Kaspersky Lab reported how the hacked email account of a high-profile Tibetan activist was used in sending spear-phishing emails to not just Windows and Mac OS X computers but also Android smartphones.

"It demonstrates that in a targeted attack situation, the attackers aren't limited to a single vector," Holland said. "Whatever attack vector is required to accomplish mission objectives will be utilized."

To reduce risks, companies should make employees aware of the possibility of becoming a target by way of social media, Holland said. In addition, companies need to monitor traffic coming from social networks in order to spot abnormal behavior.

Read more about social networking security in CSOonline's Social Networking Security section.

Join the CSO newsletter!

Error: Please check your email address.

Tags Cyber SquaredInternet-based applications and servicesapplicationsData Protection | Social Networking Securitysoftwaresocial networkingtwitterinternetdata protectionFacebookTargetsymantec

More about Adobe SystemsFacebookKasperskyKasperskySymantec

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Antone Gonsalves

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts