Social Media Platforms Double as Major Malware Distribution Centres

Posted by Geraldine Hunt on Thu, Oct 17th, 2019

There was a time when the biggest threat that social media had on your business was the distraction it created for employees and work time wasted.  Today, these platforms present far more than just a productivity drain for organizations.  They serve now as an attack avenue that leads hackers and their collection of malicious codes straight into your organization.  New research from Bromium from February of this year found that one in five organizations have been infected with malware distributed through a social media platform.  Even more alarming is the fact that 12 percent of those infected organizations experienced a data breach as a result.

The Perfect Trojan Horse

Social media it turns out is the perfect Trojan Horse.  The latest estimates have 2.8 billion people using one social media account or more.  For the same reasons that pickpocketers hang out at crowded airports, train stations, and tourist areas, cybercriminals have learned that users are congregated throughout the day on social media.  Compounding the issue is the sense of trust that users have with their favorite social media platforms, which brings down their guard while perusing their preferred sites every day.

 Users already feel comfortable enough to post personal information such as birthdates, current location, and personal preferences and engage with unknown third parties.  Many openly accept message requests from total strangers. After all, isn’t social media just one big happy family of people longing to connect?  As a result, users have an unhealthy level of conviction when it comes to social media.  Combine the mind-boggling number of users with the undeserved sense of confidence of social media and it’s easy to understand how hackers can reach and infect so many millions of users on a global scale.

Don’t Underestimate the Threat of Social Media

According to an article in Computer Weekly this year, cybercriminals made $3.25 billion last year by exploiting social platforms.  The article summarized information from an extensive study conducted by the University of Surrey concerning the disturbing trend of the utilization of social media to distribute malware.  Some of the findings included the following: 

• Reports of cybercrime involving social media grew by more than 30,000 percent between 2015 and 2017 in the U.S. and quadrupled between 2013 and 2018 in the UK. 
• Over 1.3 billion social media users have had their data compromised within the last 5 years
• Between 45 and 50 percent of the illicit trading of data from 2017 to 2018 could be associated with breaches of social media platforms
• Of the top 20 global websites that host cryptocurrency mining software, 11 are social media platforms

Another reason why social media platforms make such an effective way to distribute malware is the fact that there are so many more delivery methods for malicious code such as malvertising, shared links and images, plugins and digital media.  The constant sharing of content and even profiles promotes the spread of malware even further.

Some Real Examples

The proliferation of images on social media makes it perfect for hackers to inject malicious JavaScript code directly into photos that are then sent via Facebook Messenger.  Animated graphics are also used so that when clicked on, initiates the installation of a browser extension in order to view the file.  The extension is created to emulate a YouTube video and the supposed video file loads malware onto the device. 

Social media users feel comfortable clicking on things on their trusted platforms, which is something that hackers exploit.  Cybercriminals have been using fake “Confirm that you know” emails to try and redirect LinkedIn users to malicious sites. Posting comments on Instagram that direct users to rogue sites is also a common ploy.  Then, of course, there is the tried and tested the use of phishing links that are proving more effective on social media than email, as email users have increased their security awareness to these types of scams.

According to an article in Inc. Magazine, Facebook has admitted to disabling 1.3 billion fake accounts.  Hackers use fake accounts and then link them to other phony profiles in order to boost credibility and recognition.  Bots then use these fake accounts to distribute malicious content, generate fake likes, retweets, and views.  They can also perform a type of DDoS attack in which comments are created so quickly on a company’s brand profile that they cannot delete them fast enough. 

The New Dark Web

Hackers are starting to move some of their promotional efforts from the Dark Web onto social media outlets. Malicious tools, services and botnets are openly marketed on well-known platforms.  These promotional efforts are used to recruit new talent and sell malicious tools and services on the open market. 

Social Media Safety Precautions

There are some basic common sense measures you can take to help protect yourself from social media threats. 

• Always be suspicious of messages and connection requests from strangers.
• Avoid the posting of your personal information on your profile or on messages
• Avoid clicking on any links sent by someone you don’t know
• Don’t involve yourself in social media survey questions
• Always use endpoint protection on any device used to scan social media
• Report spam posts or messages to social media support

A recent study by Spiceworks revealed the extent of the problem. 28% of employees at large companies (more than 1,000 employees) spend more than four hours a week on personal Internet use and the percentages increase to 45% for mid-sized businesses and 51% for small businesses. The difference in those figures reflects the fact that more large businesses have implemented web filters. 89% of large companies have implemented a web filter to curb or prevent personal Internet usage and, as a result, benefit from an increase in productivity of the workforce.

Web filtering is Essential in Terms of Cybersecurity.

The Spiceworks study revealed 90% of large companies use a web filter to block malware and ransomware infections. A web filter prevents employees from accessing websites known to be used for phishing and those that host malware. 38% of companies had experienced at least one security incident in the past year as a result of employees visiting web pages for personal use, most commonly webmail services and social media channels.

Additional benefits of web filtering include improving network performance and ensuring sufficient bandwidth is available for all users – by blocking access to bandwidth-heavy online activities such as gaming and video streaming. From the productivity gains alone, a web filter will pay for itself. Add in the costs that are saved by preventing malware and phishing attacks and use of a web filter really is a no brainer.