Easy money for hackers, big headaches for IT

There's been a huge increase of malware attached to social networking sites and loosely regulated app stores. Should you lock up your users?

Batten down the security hatches. Hackers are poisoning social networking sites, particularly Facebook, and loosely regulated app stores like the Google Android marketplace, with increasing ferocity. A new study by security vendor AVG found that poisoned URLs posted on Facebook soared by 200 percent in February (compared to the previous month) after increasing by 300 percent in January. (AVG derived its statistics by analyzing URLs blocked by its software.)

The huge spike in rogue software on Facebook is part of a pattern that security experts have seen for several years: tricking users into poisoning their own systems and networks through clever ruses that appeal to curiosity, greed, or lust. No matter how often management tells users not to goof around while on company networks, they do. And IT gets stuck with the mess.

[ Spear phishing: A new breed of malware dupes even the savviest of users into opening security holes. | Keep up to date on the latest security developments with InfoWorld's Security Central newsletter. ]

Although the numbers in the AVG study focused only on Facebook, Yuval Ben-Itzhak, AVG's senior vice president of engineering, says other social networking sites are also inadvertent carriers of rogue software. Indeed, Facebook appears to take reasonable precautions, he says, which only underlines the difficulty of combating the threat.

An easy $12,000 a day
A favorite trick of hackers these days is the fake antivirus scan, often attached to a Facebook page. All of a sudden a window pops up saying your system may be infected, but we'll do a free scan. In the better -- that is, more malicious -- versions of this scam, it's very difficult to make the pop-up window go away.

And while it might seem, well, stupid to do so, quite a few users will actually pay something for the bogus software. An examination of various Web logs and other sources reveals that even a small gang can net $12,000 a day, according to Ben-Itzhak. "It's a dream come true for the bad guys," he says. In one seven-day period, more than 80,000 users were affected by the rogue scanner malware.

[ InfoWorld Test Center reviews: "Malware-fighting firewalls miss the mark" and "Whitelisting security offers salvation." ]

While the users feel the pain of the antivirus scam, another hack making the rounds targets business information. It's a fake codec. A URL leads a user to a site where a video is posted. To play it, the user needs to download the fake codec, which is actually a container for seriously malicious code designed to steal business information.

1 2 Page 1
Page 1 of 2
Stay up to date with InfoWorld’s newsletters for software developers, analysts, database programmers, and data scientists. • Get expert insights from our member-only Insider articles.