Users of Facebook, MySpace, Bebo, MyYearbook, and other social networks are being targeted with malware attacks that exploit the trust among social network “friends”. As a result, they are losing money, personal and corporate confidential information, login credentials, and their PCs are secretly serving in BotNets. Will fear slow down or shrink the use of popular social networks?

Attackers are impersonating the “friends” of the victims who trust that the files, documents, photos, and hyperlinks their “friends” send are not malicious. When victims open these items or visit the web pages per the sent hyperlinks, they are assaulted. Some are confronted with phony security software prompts declaring massive infections: ‘click here to clean your PC’. The result is a relatively clumsy malware infestation. More sophisticated malware in the wild is far more difficult to detect. That malware is sure to follow soon.

As if this weren’t enough to fear, these popular social networks feature browser applets such as “Facebook Applications” that enhance the user-experience with specialized functionality such as games, movie preference comparisons with friends, ancestry, cities friends have/will visit, and numerous others. These applets dynamically load into one’s web browser after the user subscribes to it. They are designed to motivate the users to invite their “friends” to use the applications too.

What’s wrong with these applets? Plenty! The advertising revenue seeking social networks distribute them, lending an air of legitimacy without testing them for malicious functionality. The social network provides rely on EULAs. When an outbreak is detected, the social network revokes the developers license and takes aggressive measures to eradicate the applets. With thousands of these applets arriving and updating a month, the profit margins of these providers would suffer greatly if each version of each applet were thoroughly evaluated. What should we reasonably expect of them?

Personally, these applications scare me more than spoofed messages among “friends” that lead victims to malicious content.

First, highly critical web browser vulnerabilities come and go every month like the new moon. These applets can reside on user machines doing whatever fun thing they were designed to do until their developers get their hands on new exploit code for the web browser vulnerability of the month.

Second, there’s no background check on the developers and little to no consequences for their applets getting identified as malicious. If identified, the malware makers merely need to create a new email address and apply again for a developers account.

Will the threat from malware attacks kill social networks? I very much doubt that!

What do I recommend Facebook, MySpace, Bebo, MyYearbook, and other social networks do to protect themselves?

First, they should use two or more different web browsers. Using multiple windows and/or tabs from the same web browser application is a major part of the problem, not the solution. So, use Firefox for Facebook and Myspace. And, use Internet Explorer for online banking and shopping. Its also a good idea to do one sensitive thing like online banking at a time. Other browsers users should consider having on their PC include Google Chrome, Opera, and Apple Safari.

Second, there will seemingly always be some programming flaw in any of these web browsers that can be exploited by cybercriminals to rob users and Shanghai their PCs into Botnets. So, you need some security software that guards these browsers and prevents them from doing harm should they be hijacked. Your typical AntiVirus or Anti-spyware won’t be enough. Regular readers of this blog will know why.

Posted: Thursday, March 12th, 2009 - Endpoint Security
RSS 2.0 - Comment - Trackback