iEntry 10th Anniversary RSS Archive

IT Management Begins With Security
SecurityProNews > News > Security News > Social Media Threatened By Malware
Search:
[ news_security_news ]

Social Media Threatened By Malware



David Utter
Staff Writer
2007-05-30

SecurityProNews: Insider Reports Insider Reports RSS Feed


As Conde Nast and regular web surfers discovered on Reddit last week, a promoted story could be linked to a drive-by download of malware online.

It's such a simple concept that it is a little surprising we haven't heard of this being a problem more often. After someone managed to post a story on Reddit and have it promoted to the front page, users who clicked the story link ended up with a Trojan on their system.

That Trojan, identified by Symantec researcher David Curran as Trojan.ByteVerify, then proceeded to go out and grab more malware.

Curran wondered just how effective sites like Reddit or Digg could be at infecting a lot of computers through a promoted story. He cited E-Consultancy's claim that a promoted story on Digg would draw 12,000 visitors to the destination page.

He speculated on how malware backers could exploit this inherent weakness in the system (Reddit finally took down its malicious link, but not before a lot of people clicked it.) Curran suggested those criminals could create a bunch of fake accounts, then create a story that would grab the attention of the social media site's visitors.

The account creation part isn't necessary. Sites exist that offer Digg clicks in exchange for a fee. Digg would probably catch a bunch of newly created accounts upvoting an article. Clicks by existing users who participate in pay for vote schemes may not be so easily noticed.

As for the linkbait article, Curran noted a headline like "Hey, cool, someone wrote an article about Digg!" could work pretty well.

Such approaches probably won't work for long, or against too many victims. Social media audiences tend to have a tech-savvy component to their audiences. Those folks would probably catch malicious activity and vote down the offending link.


About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.

More news_security_news Articles

SecurityProNews: Insider Reports Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Contact Us | Advertise | Newsletter Archive | Sitemap | Submit an Article | News Feeds
SecurityProNews is an iEntry, Inc.® publication - $line) { echo $line ; } ?> All Rights Reserved | Privacy Policy and Legal		 Join the WebProWorld Forums: Click Here
Virus Warnings

Subscribe to
SecurityProNews FREE!


[ more newsletters ]

Featured On:
article resources
Search Articles:
[advanced search]

WebProWorld.com
Get in-touch with industry experts and leaders
Post your site for review by expert and peers
Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com

Titan Quest Forum
The #1 Titan Quest forum
Halo 3 Forum
The best Halo, Halo 2, Halo 3 forum
Nintendo Wii
Nintendo Wii news and views
Mac Software
The best in OS X freeware
Graphics Forum
Your source for graphic tutorials
SecurityProNews.com | Breaking eBusiness News Get Your IT Questions Answered - Click Here SecurityProNews News Feeds