Social Threats - Virus Bulletin
Social Threats
How Fragile We Are
George Lucian Petre, Product Manager for Social Media Security
Copyright@bitdefender 2011 / www.bitdefender.com 10/13/2011 • 2
The Social Ecosystem
‐ Over 800 million Facebook users
‐ Over 200 million Twitter users
‐ Over 7 million Facebook Applications
‐ Over 1 million Twitter Applications
2010 and 2011 saw Social Media Security as a “trending” topic
A Picture is Worth a Thousand Words
Social Game Scams
“Beauty” Scams
Who’s Stalking You?
Likejacking
Social Scams as Biggest Mobile Threat
Scams Migrate to Twitter
Tagjacking
Complex Scam Mechanisms
Commentjacking
Get Followers, Fans and Spam
Chat Roulette – How Social are Our Children Online?
How Effective is a Facebook Scam?
‐ 14 unique Facebook Apps
‐ 286 unique URLs
‐ 1,411,743 clicks
‐ 35 hours traffic spike
July 2011 – Firesheep Lives On
Top pages still lacking SSL support
Page Name Number of Fans
Youtube 41,671,833
Coca Cola 32,297,560
Justin Bieber 32,982,053
The Simpsons 31,949,681
Cristiano Ronaldo 30,941,973
Why are Social Threats so BIG?
Scammers’ Cloud
1 click/touch
Have we learnt anything from our experience with the Windows Platform?
Unique Samples (2000 – 2010)
The Social Media Vicious Circle
The Social Media Security Vicious Circle
Powerful API
Numerous third party apps
Huge popularity of social platforms
Countless users
attracted by malware creators
Third party Security Apps?
Bitdefender Safego is the solution we developed as a response to the new type of e-threats.
Security Solutions’ Actions vs Social Media APIs
• Facebook: Wall, Private Messages, Chat, External likes
• Twitter: Timeline, Private Messages, User profile, Other Apps
• Facebook: Blocking alerts, Notify user
• Twitter: Blocking alerts, Notify user
Detection, Warn, Disinfect, Block/Filter
• Facebook
• Twitter
Restricted API for Security Solutions
Transparency
Proxy
Privacy
Security API
Blocking Alerts
Validation
Parental control policies
What would be the standards applicable to a third Party Security API?
THANK YOU!
glpetre@bitdefender
@glpetre