Internet and mobile security company AVG Technologies has observed a jump in
attacks targeting Facebook and Android, unsurprisingly both platforms with a
user base that continues to rapidly grow all over the world.
In its just released “AVG Community Powered Threat Report”, the company posits
that the first quarter of this year saw a major jump in malicious campaigns on
Facebook, which have increased threefold in the last 12 months.
The company also noted a notable increase in risk for smartphone users, and the
Android platform in particular. AVG says the open source nature of the OS as
well as the “open-garden approach” in allowing users to install software on
their phones opens the door for hackers to write malicious code. The
fragmentation of the Android platform also doesn’t help, AVG adds.
During Q1 2011, AVG marked 0.20% of downloaded Android apps as malicious.
Going back to Facebook, AVG Technologies notes in its report:
Facebook’s popularity has its price. Cyber criminals naturally tend to target
the most popular applications or services used by the majority of Internet
users, in the case of Facebook it can reach out to a huge amount of people.
Social networks have become a haven for cyber criminals. The built-in trust
among “friends” on social networks makes it easier for a cyber criminal to
deploy successful attacks against these users.
AVG data shows that approximately 42% of the detected malware on the social
network is related to Facebook applications.
According to the report, Facebook users are increasingly being lured to go
through multiple ‘surveys’ in order to watch some promised seedy video or
picture. Often, one of the survey pages includes click-jacking or so-called
like-jacking, where the victim is asked to press a button, but although it’s
not visible to the viewer, the attack page has placed a transparent GIF over
the top of the button, so that instead of the button getting the click, the GIF
gets it.
The GIF then runs a script to tell all their Facebook friends that he or she
“likes” a video or image, and that they should check it out. Thus, the
malicious campaigns take advantage of the viral nature of Facebook to spread.
Last year, AVG spotted an average of one such campaign per week, usually
running on weekends, and usually netting 200,000 to 300,000 victims, but this
has now apparently accelerated to a fresh campaign every other day or so.
The report is based on traffic and data from AVG’s Community Protection
Network, which the company bills as an ‘online neighborhood watch’, followed by
research performed by the security software maker, over a three-month period.
AVG notes that during this period, attacks using Blackhole Exploit Kits, attack
toolkits that exploit several vulnerabilities to execute arbitrary code, are
clearly on the rise. During one week in February 2011, the company observed a
jump in Blackhole attacks from a few hundred per day to a whopping 800,000 in a
single day.
Also worth noting: AVG says bit.ly is the URL shortening service most often
exploited to spread spam messages. Popularity indeed seems to have its price.
According to AVG, the United States is still the dominant source of spam,
followed by the UK, with Brazil a clear runner up. English remains the main
language used in spam messages.
CrunchBase Information
AVG Technologies
Facebook
Android
Information provided by CrunchBase
http://feedproxy.google.com/~r/Techcrunch/~3/iwlsA9tMouc/
Sent with MobileRSS HD
--
You received this message because you are subscribed to the Google Groups "The
Unique Geek" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/theuniquegeek?hl=en.
