VeriSign warns of major social networking threat

VeriSign's iDefense managed security services arm has released new research warning of "exponential" growth in demand for black market data stolen from social networking sites, as criminals internationalise their campaigns.

As an indication of the growth in activity on these sites, iDefense has uncovered evidence of one particular black market forum user, known as 'kirllos', who claimed to be selling 1.5 million compromised accounts in bulk quantities.

Prices for the accounts depend on how many contacts or friends the user has on the site, and range from US$25 per 1,000 accounts with 10 contacts or fewer to US$45 for over 10 contacts, said iDefense.

"There are two things that make this discovery interesting: the volume of social network account credentials discovered, and the fact that we are seeing an eastern European hacker dip into western social networks," said Rik Howard, director of intelligence at iDefense.

"In the past, most hackers have been content to stay with their own local social networking services."

Howard warned that social networking sites should ensure that they provide comprehensive user guidelines on security and privacy.

"Security should really be a priority for social networks in all territories. Social networks should work to assess and implement additional security features on their platforms as threats evolve, helping to protect themselves and their users from emerging threats," he said.

IDefense highlighted several ways in which cyber criminals use social networking sites to make money, including compromising accounts for money transfer scams, and mining data to set up fraudulent bank and other accounts.

Data mining can also allow criminals to obtain a driving licence, passport, or other important form of documentation, said the firm.

Howard further warned that corporate networks could suffer as a result of employees using social networks without due care.

"If a user's account is compromised, any information pertaining to that account could end up on the black market which could mean more spam or malware heading for corporate email accounts if the company's details are listed by the user," he said.

"Malware ending up on a corporate network as a result of an employee's social networking activity could mean loss or corruption of data if stringent IT policies are not in place."