Mass-scale Password Theft Leads to Concern Over Social Media Safety

For millions upon millions of people worldwide, social media has become integral to the way we communicate with others, but is it immune from the threats posed by malware? There is clearly significant room for improvement, following the news that over two million passwords and similar login credentials for sites including Facebook were stolen and published online.

Pony, a botnet which has attacked social media sites before, harvested the credentials from users of a number of sites, with just over 96% of the stolen logins traced to people based in the Netherlands. The attack was nonetheless worldwide in scope: victims unwittingly downloaded malware which installed a keylogger, and the keylogger captured their passwords as they typed them.


Broad stroke

As well as hitting people in a number of countries, the botnet also affected a wide range of social media sites. The most notable were Facebook, Twitter, Yahoo and the business networking site LinkedIn, although a few sites aimed specifically at particular regions and nations were also caught up in it. A Russian social site was affected by Pony’s latest attack, as was one of its main rivals.

Although Pony has attacked sites before, this is the botnet’s biggest haul to date. Rather than the more common ‘hit and run’ type of attack, it worked by collecting a steady number of passwords each day. Regardless of how they were taken, many of the stolen passwords shared one trait that made the attackers’ job far easier.

Simple and suicidal

The bulk of the stolen passwords were rather simple, and therefore less secure. Among those found were ‘1234’ and ‘password’, showing that a number of the people affected bore at least part of the blame for having their passwords stolen and changed, leaving their accounts inaccessible. But could more be done than just choosing stronger passwords?

According to Andrew Mason, a security expert from RandomStorm, people need to take a few extra steps to keep their social media accounts as impregnable as possible. He said:

“This just goes to show the importance of endpoint security combined with a strong password. Even the strongest password is worthless if the endpoint it is being used on is either untrusted, or trusted but insecure, allowing a botnet such as Pony to be run on it and the subsequent password key logger.”

“Once the key logger is installed it is very easy to harvest usernames and passwords for whatever the user types in during the course of their normal day. By ensuring proper endpoint security, and at a minimum patching and up-to-date AV deployment, these types of attacks can be totally eliminated.”

“The second area of concern from the article is the use of weak passwords. Again, without a strong password, it makes the job of a hacker so much easier, being able to use an automated tool to crack many passwords per second,” he added, describing endpoint security and strong passwords as a two-step defence against botnets.