Facebook, Twitter Hold Security Threats: Report

By Nathan Eddy  |  Print this article Print

An Internet security intelligence report from CA Technologies shows the rise of “Crimeware-as-a-Service”.

Nearly two billion people today use the Internet to conduct business, communicate with family and friends, stay-in-touch with current events and entertain themselves – and in doing so, expose themselves to an extensive and growing number of malware threats, according to a report released by IT management software and solutions company CA Technologies. The company's "State of the Internet 2010: A Report on the Ever-Changing Threat Landscape" provides a look at the most prevalent threat activity in the first half of 2010 including the emergence of organized "Crimeware-as-a-Service", which CA researchers said is fueling the rapid development of new threats.

Researchers identified more than 400 new families of threats--led by rogue security software, downloaders and backdoors. Trojans were found to be the most prevalent category of new threats, accounting for 73 percent of total threat infections reported around the world. Importantly, 96 percent of Trojans found were components of an emerging underground trend towards organized cybercrime, or "Crimeware-as-a-Service."

Also known as "scareware" or Fake AV, the first half of 2010 saw this category of malware continue its dominance. Google became the preferred target for distribution of rogue security software through Blackhat SEO, which manipulates search results to favor links to infected websites domains, according to the report. Rogue security software displays bogus alerts following installation and coerce users to pay for the fake product/service.

"Crimeware isn't new, but the extent to which a services model has now been adopted is amazing," said Don DeBolt, director of threat research for Internet security at CA Technologies. "This new method of malware distribution makes it more challenging to identify and remediate. Fortunately, security professionals and developers are diligent about staying one step ahead of these cyber criminals."

Research revealed cyber criminals growing reliance on using cloud-based Web services and applications to distribute their software. Specifically, cyber criminals are using web and Internet applications (like Google Apps), social media platforms (such as Facebook, YouTube, Flickr, and Wordpress), online productivity suites (Apple iWorks, Google Docs, and Microsoft Office Live), and real-time mobile web services (like Twitter, Google Maps, and RSS Readers). For example, recent malicious spam campaigns are posing as email notifications targeting Twitter and YouTube users, luring targets to a click on malicious links or visit compromised websites.

The company also recently observed viral activities and abusive applications in popular social media services such as Twitter and Facebook – the result of a strong marketing campaign in the underground market. CA Technologies Internet Security observed a black market evolving to develop and sell tools such as social networking bots.

The research found underground marketers promote new social networking applications and services that include account checkers, wall posters, wall likers, wall commenters, fan inviters, and friend adders. "These new crimeware-as-a-service capabilities became evident as observed from the latest Facebook viral attacks and abusive applications that are now being widely reported," the report noted.

The State of the Internet 2010 white paper provides industry insights based on the extensive catalog of received and processed infections reported by CA Technologies’ Internet security customers and partners around the world in the first half of 2010.