Instead of hiding behind the coral reef of communication, Trojans are airing themselves openly in the matrix of social networks like Twitter and Google Groups. By making themselves conspicuous in the social scene, they become relegated to wallflowerdom—like the typical blog started by, say, anyone not Paris Hilton—unread, unnoticed, uninteresting. This deep-end of social networks gives cybercriminals the room to spread out and unleash commands, silently, to thousands of infected computers.
Twitter was implicated in a major botnet called Infostelealer.Bancos that eavesdropped on the keystrokes of thousands of computers, stealing and caching valuable passwords. Recently Symantec’s Security Response Team found another botnet using Google Groups to distribute commands. The social networks aren’t necessarily at fault for the malware. Like any tool, how they’re used depends on the hands that wield them.
Because social networks are harder to vet and malware hidden in plain site is easy to miss, expect more of the same in the future. Tsunamis more. You might even one day be virtual “friends” with the enemy.
