Twitter: Malware in 140 characters [Infographic]

It’s been five years since Twitter arrived on the social media scene and, with over 50 million tweets per day, the popular micro-blogging platform has been the buzz of users, celebrities, artists, social activists, popular CEOs and philanthropists worldwide.

Twitter has stirred up governments, influenced social revolt and political change as well as media companies who have now adopted the “140 characters or less” broadcast medium.

And if that’s not enough for even for the most hard-headed of skeptics, then note that even American President Barack Obama has a Twitter account and is actively making good usage out of the service to help drive his political campaigns.

But, despite all the shiny demographics and progress with regards to growth, Twitter has struggled with numerous cases of malware. From clickjacking attempts to trojans, hacks and account hijacking, the service has become a popular avenue for cybercrime attacks around the web. Timothy Armstrong, Security Researcher at web security firm Kaspersky Lab shares some insight into the malware that has successfully affected Twitter over the last 5 years:

“Security on Twitter has had an eventful history, even considering its relatively young age. There have been all sorts of different types of attacks from trending topics to hacked admins, to account hijacks, just to name a few.”

The infographic below from SecureList, the Kaspersky Lab blog provides an outline of a few of the malware attacks Twitter has experienced during its lifecycle:

“Due to Twitter’s popularity and its constant security lapses as outlined above, the Federal Trade Commission brought charges against Twitter in mid 2010. As a result, Twitter had to adopt a number of new security policies, and now includes such security options as default Secure Sockets Layer (SSL) connectivity and OAUTH support for external Twitter clients,” says Armstrong.

He concludes by emphasizing that Twitter users need to be aware of the various forms of malware: “Considering this, it is therefore crucial for users to understand the types of malware activity that Twitter has experienced, as it remains a haven for active cybercriminals, for their own gain.”

Despite all the security measures in place to help minimalise security threats, social networking sites, it seems, will be prone to various levels of attacks. Hackers are able to infiltrate the easy and readily available broadcasting arena that social sites allow for by exploiting current topics and trends. An example of this would be the recent Charlie Sheen death hoax which spread malware through Facebook. An analysis of the number of Facebook scams shows that the site has  suffered from more malware and hacking attempts in recent months with the “who’s viewing your profile” type of stalker applications ranking the highest amongst the list of scam techniques.

Twitter, Facebook and the number of popular social networks will undoubtedly be probed for technical vulnerabilities. These, like the XSS mouse-over vulnerability which hit Twitter last year, are easily patched and adds to overall security of the service. However, hacking into social networks requires very little technical skill and is more of a psychological game of winning over a user’s trust. Once a hacker has access to a user’s proprietary information, they also have access to all your contacts, email address and any relevant data in your personal profile.



Sign up to our newsletter to get the latest in digital insights. sign up

Welcome to Memeburn

Sign up to our newsletter to get the latest in digital insights.