Twitter's scareware distribution attack signals a new trend in social Internet security problems says Finjan

by Michael Smith (Veshengro)

Farnborough, United Kingdom, June 2009 - The arrival of what appears to be the first scareware distribution attack on the Twitter microblogging service at the weekend of May 31/July 1, 2009, signals the fact that firms need to think very hard before allowing staff access to these advanced types of social networking applications, says Finjan, the business Internet security specialist.

According to Finjan, this weekend's scareware attack - in which Twitter users were invited to click on a 'best video' link but also ended up being quietly infected with a rogue security application - signals a worrying new trend in social Internet site attacks.

That weekend's Twitter scam was a complex one with users invited to click on what appears to be a YouTube video, but the embedded program call also opens an IP connection to a second site, resulting in the download of a malware-infected PDF file that later installs a rough anti-virus.

Finjan has reported on the rough anti-virus risk on its recent Cybercrime Intelligence report:

For more on the Twitter best video scam:

For more on Finjan:

Finjan MCRC specializes in the detection, analysis and research of web threats, including Crimeware, Web 2.0 attacks, Trojans and other forms of malware. Our goal is to be steps ahead of hackers and cybercriminals, who are attempting to exploit flaws in computer platforms and applications for their profit. In order to protect our customers from the next Crimeware wave and emerging malware and attack vectors, Finjan MCRC is a driving force behind the development of Finjan's next generation of security technologies used in our unified Secure Web Gateway solutions. For more information please also visit our info center and blog.

It is Finjan's job, obviously, to war firms as they did as regards to such events and as regards to suggesting that companies think hard before allowing staff access to these advanced types of social networking applications, as it is also their business, so to speak. It is what makes them money, after all.

The real problem are, however, neither the applications and maybe not even those that distribute such malware. The real problems are the users themselves. The user is one that is to blame in the highest order in most cases of malware infection of any system, personal or corporate, unless the malware was, in fact, introduced via an outside hack. The latter, that is to say a hack from the outside, is, except for military and security service systems, not such of an occurrence; injection of malware via users that act, for lack of a better word, stupid, is more often than not the culprit.

How many more times do they have to be told not to click on this or that, in the same way as to opening suspect emails and such. Clicking on links is something that should be discouraged, especially when the message comes from strangers.

I find that there are followers that arrive on my Twitter page that, when checked, have a very strange account themselves with, maybe, just the one posts that has a link and n o other posts.

Such accounts immediately should be suspect as well as any that do not look right. The user must be the main line of defense and the user must be savvy enough not to do stupid things, and in most cases this comes all down to stupidity on user's side.

Companies can try barring access to social networking sites as much as they like. There will always be users that will find a way to circumvent such blocks and, in fact, it has been found that the use of social networking sites by employees can be beneficial for the businesses, as is shown in the book “Throwing Sheep in the Boardroom” published by Wiley.

Getting users to act responsibly and thus avert the risks is much better than to block access; something that the authors of the above book also stand for.

It is the user who needs to be made aware of the risks and the fact that no corporate firewall, however good, can trap each and every piece of malware and hence users must be security conscious not to click on links, especially not on sites such as Twitter and Facebook from people they do not know as to their integrity. Simple as that!

© 2009