A new report out by Barracuda Networks this week confirms the security community's suspicion that the explosion in Twitter's user base in 2009 has lead to an incipient rise in cybercriminal activity at the social networking site.
Released yesterday, the Barracuda Labs annual report took a deep dive into Twitter usage and attack trends along with its analysis of general Web and e-mail malware attack techniques for 2009.
The report showed that the most active time for Twitter's momentum is what Barracuda dubs the 'Twitter Red Carpet Era,' a period of time between November 2008 and April 2009 when an influx of celebrity actors, musicians, sports stars and politicians started joining up. In that period, 27 of the current top 50 most followed people signed on. These high-profile tweeters drew a crowd; the Twitter growth rate was just 2.02% at the beginning of the Red Carpet Era and 21.7% at the end. According to Barracuda, 49% of all Twitter accounts were created at that time. That era saw the peak of Twitter growth. By December 2009, growth had leveled off all the way down to just 0.34%.
The attack curve on Twitter very closely follows the peak in growth during the Twitter Red Carpet Era.
"There's a six month period at the end of 2008 and beginning of2009 when all of the celebrities came to Twitter and right behind that the attack rate on Twitter tripled," says Paul Judge, chief research officer at Barracuda Networks. " Four months after that that period when all of the celebrities came and users came, the attack rate on Twitter was at its peak. It shows the usual cycle of attackers following the users. They're coming where the users are and where the dollars are."
To get an idea of how prevalent cybercrime was within Twitter, Barracuda measured the percentage of accounts created per month that were suspended for malicious or suspicious activity to develop what it calls the Twitter Crime Rate. During the Red Carpet Era, the Twitter Crime Rate shot up by 66 percent. Overall, Twitter Crime Rate reached its peak in October 2009, when a whopping one in eight accounts created was found to be malicious or suspected to be misused and was suspended by the site.
Clearly, hackers are following tweets as closely as its most ardent devotees. Their favorite attack technique is to take over accounts and send out tweets that include information about hot trends, along with the link. Problems start when these hacked accounts' followers click into the links, which inevitably redirect to Web sites containing any nature of malware and rogue AV.
