Internet and mobile security company AVG Technologies has observed a jump in attacks targeting Facebook and Android, unsurprisingly both platforms with a user base that continues to rapidly grow all over the world.
In its just released “AVG Community Powered Threat Report”, the company posits that the first quarter of this year saw a major jump in malicious campaigns on Facebook, which have increased threefold in the last 12 months.
The company also noted a notable increase in risk for smartphone users, and the Android platform in particular. AVG says the open source nature of the OS as well as the “open-garden approach” in allowing users to install software on their phones opens the door for hackers to write malicious code. The fragmentation of the Android platform also doesn’t help, AVG adds.
During Q1 2011, AVG marked 0.20% of downloaded Android apps as malicious.
Going back to Facebook, AVG Technologies notes in its report:
Facebook’s popularity has its price. Cyber criminals naturally tend to target the most popular applications or services used by the majority of Internet users, in the case of Facebook it can reach out to a huge amount of people. Social networks have become a haven for cyber criminals. The built-in trust among “friends” on social networks makes it easier for a cyber criminal to deploy successful attacks against these users.
AVG data shows that approximately 42% of the detected malware on the social network is related to Facebook applications.
According to the report, Facebook users are increasingly being lured to go through multiple ‘surveys’ in order to watch some promised seedy video or picture. Often, one of the survey pages includes click-jacking or so-called like-jacking, where the victim is asked to press a button, but although it’s not visible to the viewer, the attack page has placed a transparent GIF over the top of the button, so that instead of the button getting the click, the GIF gets it.
The GIF then runs a script to tell all their Facebook friends that he or she “likes” a video or image, and that they should check it out. Thus, the malicious campaigns take advantage of the viral nature of Facebook to spread.
Last year, AVG spotted an average of one such campaign per week, usually running on weekends, and usually netting 200,000 to 300,000 victims, but this has now apparently accelerated to a fresh campaign every other day or so.
The report is based on traffic and data from AVG’s Community Protection Network, which the company bills as an ‘online neighborhood watch’, followed by research performed by the security software maker, over a three-month period.
AVG notes that during this period, attacks using Blackhole Exploit Kits, attack toolkits that exploit several vulnerabilities to execute arbitrary code, are clearly on the rise. During one week in February 2011, the company observed a jump in Blackhole attacks from a few hundred per day to a whopping 800,000 in a single day.
According to AVG, the United States is still the dominant source of spam, followed by the UK, with Brazil a clear runner up. English remains the main language used in spam messages.
AVG Technologies is a global leader in security software, protecting more than 110 million consumers and small business computer users in 167 countries. Headquartered in Amsterdam, AVG is the fourth largest vendor of anti-virus software and employs close to 500 people worldwide with corporate offices in the US, the UK, the Netherlands, the Czech Republic, and Germany. AVG has nearly two decades of experience in combating cyber crime and operates one of the worldâ€™s most advanced laboratories for detecting, pre-empting and...
Facebook is the world’s largest social network, with over 1 billion monthly active users. Facebook was founded by Mark Zuckerberg in February 2004, initially as an exclusive network for Harvard students. It was a huge hit: in 2 weeks, half of the schools in the Boston area began demanding a Facebook network. Zuckerberg immediately recruited his friends Dustin Moskovitz, Chris Hughes, and Eduardo Saverin to help build Facebook, and within four months, Facebook added 30 more college networks. The original...
In August 2005, Google acquired Android, a small startup company based in Palo Alto, CA. Android’s co-founders who went to work at Google included Andy Rubin (co-founder of Danger), Rich Miner (co-founder of Wildfire), Nick Sears (once VP at T-Mobile), and Chris White (one of the first engineers at WebTV). At the time, little was known about the functions of Android other than they made software for mobile phones. This began rumors that Google was planning to enter...