A few days ago, la Repubblica published information from Italian security writers about a spam campaign on Facebook that was spreading at a very rapid pace. Over 70 hours, more than 500 thousand users were compromised after clicking on malicious links distributed through the Facebook message service. The attackers used a form of phishing in which the user receives a message stating that they were tagged in another user's post. The link leads to a third-party site whose webpage contains a video. When the user tries to view the video, they are prompted to install a special browser extension, which the attackers disguise by calling it a “plugin”.

The extension gains access to the user's browser and can control everything the user does in it. Such code is malicious because it compromises both the data the browser already holds and all the data the user later enters into web page forms when working with online banking systems or other services. Extensions are a legitimate and effective tool, and for attackers they can replace the older fraud techniques of fake forms and injecting auxiliary code into the browser process. This, in turn, makes the actions of the malicious code even harder to identify "with the naked eye."

Such “luck” on the attackers' part is no accident. The attack combined several techniques that worked strongly in their favor:

- A social service with a huge number of users.
- A successful phishing theme that draws more attention to the message.
- Use of a link-shortening service to hide the URL's real destination.
- Use of a browser extension instead of a drive-by download of malicious code.
- The malicious extension sends phishing links to the user's contacts in the social network.

According to Italian researchers who specialize in spam analysis, the attackers' annual profit from such attacks on Facebook is $200 million. The attackers use pre-prepared phrases or themes for phishing and link-shortening services such as tinyurl.com and bit.ly to hide the true URL from the user's eyes.

Some users of the social network take part in this scheme: spammers, who are paid, on average, $13 per publication. The payment depends on the number of subscribers of the page on which the spammer leaves the link. For a page with 30 thousand subscribers, the spammer will receive $13. For a page with more than 100 thousand subscribers, the amount can be $58. Sometimes spammers create their own page in order to attract subscribers. Then, as soon as there are enough users, they can publish a phishing link.

Other people interested in financial gain, who can sell attackers a page with a very large number of subscribers, may also be involved in this business. The Italian writers collected statistics on the pages, which show that, on average, 18 thousand messages are published on the analyzed pages per day, and that the benefit from each of them ranges from $13 to $58 per day. This works out to between $87 million and $390 million per year.
http://www.theguardian.com/technology/2013/aug/28/facebook-spam-202-million-italian-research