The Use of the Modern Social Web by Malicious Software

Modern malware exploits the social web ecosystem: using social networking sites for command-and-control, controlling social media content for financial/political rewards, distributing links for autonomous propagation, and defrauding users through chat bots. Social media's richness enables malware to thrive.

Malicious software thrives in the richness of the social web ecosystem, which incorporates mobile devices, reliable networks, powerful browsers and sociable users. Modern malware is programmed to take full advantage of these elements, which are especially potent in the context of social media and social networking websites. As the result, we’re seeing malware exhibit the following characteristics:

Using social networking sites to remotely direct malicious tools and attackers’ actions
Controlling social media content to provide attackers with financial and political rewards
Distributing links on websites with social capabilities to for autonomous malware propagation
Defrauding participants of the social web by using chat bots and other techniques

I created a brief presentation how malicious software makes use of these techniques to thrive on the social web and to offer lucrative benefits to malware authors and operators. If this is interesting to you, download my presentation, complete with full speaker notes and references (PDF).

About the Author

Lenny Zeltser is a cybersecurity executive with deep technical roots, product management experience, and a business mindset. As CISO at Axonius, he leads the security and IT program, focusing on trust and growth. He is also a Faculty Fellow at SANS Institute and the creator of REMnux, a popular Linux toolkit for malware analysis. Lenny shares his perspectives on security leadership and technology at zeltser.com.

Learn more →