iTnews
  • Home
  • News
  • Technology
  • Security

VeriSign warns of major social networking threat

By Phil Muncaster on Apr 23, 2010 1:59PM

Firm uncovers black market trading in millions of compromised accounts.

VeriSign's iDefense managed security services arm has released new research warning of "exponential" growth in demand for black market data stolen from social networking sites, as criminals internationalise their campaigns.

As an indication of the growth in activity on these sites, iDefense has uncovered evidence of one particular black market forum user, known as 'kirllos', who claimed to be selling 1.5 million compromised accounts in bulk quantities.

Prices for the accounts depend on how many contacts or friends the user has on the site, and range from US$25 per 1,000 accounts with 10 contacts or fewer to US$45 for over 10 contacts, said iDefense.

"There are two things that make this discovery interesting: the volume of social network account credentials discovered, and the fact that we are seeing an eastern European hacker dip into western social networks," said Rik Howard, director of intelligence at iDefense.

"In the past, most hackers have been content to stay with their own local social networking services."

Howard warned that social networking sites should ensure that they provide comprehensive user guidelines on security and privacy.

"Security should really be a priority for social networks in all territories. Social networks should work to assess and implement additional security features on their platforms as threats evolve, helping to protect themselves and their users from emerging threats," he said.

IDefense highlighted several ways in which cyber criminals use social networking sites to make money, including compromising accounts for money transfer scams, and mining data to set up fraudulent bank and other accounts.

Data mining can also allow criminals to obtain a driving licence, passport, or other important form of documentation, said the firm.

Howard further warned that corporate networks could suffer as a result of employees using social networks without due care.

"If a user's account is compromised, any information pertaining to that account could end up on the black market which could mean more spam or malware heading for corporate email accounts if the company's details are listed by the user," he said.

"Malware ending up on a corporate network as a result of an employee's social networking activity could mean loss or corruption of data if stringent IT policies are not in place."

Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
majornetworkingofsecuritysocialthreatverisignwarns

Partner Content

Accenture and Google Cloud team up to create a loveable, Australian-first, renewable energy product
Promoted Content Accenture and Google Cloud team up to create a loveable, Australian-first, renewable energy product
How to turn digital complexity into competitive advantage
Promoted Content How to turn digital complexity into competitive advantage
Security: Understanding the fundamentals of governance, risk & compliance
Promoted Content Security: Understanding the fundamentals of governance, risk & compliance
Security "mindset shift" needed to protect organisations
Promoted Content Security "mindset shift" needed to protect organisations

Sponsored Whitepapers

Extracting the value of data using Unified Observability
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership

Events

  • Micro Focus Information Management & Governance (IM&G) Forum 2022
  • CRN Channel Meets: CyberSecurity Live Event
  • IoT Insights: Secure By Design for manufacturing
  • Cyber Security for Government Summit
  • Forrester Technology & Innovation Asia Pacific 2022
By Phil Muncaster
Apr 23 2010
1:59PM
0 Comments

Related Articles

  • RBA pushes first IaaS workload into Azure
  • Cisco next to turn up Spring4Shell-vulnerable products
  • Home Affairs downplays gov data 'gaps' in critical infrastructure regime
  • Gov told don't "water down" public sector data protection
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Australia scraps digital passenger cards for international arrivals

Australia scraps digital passenger cards for international arrivals

PayTo rollout kicks off

PayTo rollout kicks off

Services Australia spends $50m on IBM Power hardware upgrade

Services Australia spends $50m on IBM Power hardware upgrade

Westpac sets sights on hybrid meeting spaces

Westpac sets sights on hybrid meeting spaces

Digital Nation

Personalisation strategies need to be built from the ground up
Personalisation strategies need to be built from the ground up
Case Study: Multicloud business drivers at MLC Life Insurance
Case Study: Multicloud business drivers at MLC Life Insurance
Case Study: Good360 deploys NetSuite, Magento and Salesforce
Case Study: Good360 deploys NetSuite, Magento and Salesforce
Case study: AFL kicks goals with its new digital platform
Case study: AFL kicks goals with its new digital platform
Case Study: EY invests in AI to improve approach to flexible working
Case Study: EY invests in AI to improve approach to flexible working
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.