Day Trender - News, Business, Real Estate News, Financial, Tech, World

AVG Quarterly Internet Security Report

Internet and mobile security firm AVG Technologies on Wednesday released its quarterly “AVG Community Powered Threat Report”, reporting a stark increase in attacks on Facebook and Google's Android mobile operating system.  Attacks on Facebook, the report said, have increased by three times over the last 12 months.

The report also noted an increased risk of attack for users of smartphones, particularly those running the Android OS.  The report explains that because of Android's open-source nature as well as its “open-garden approach” in allowing users to install software on their phones, it leaves entryways for hackers to install their own malicious code.

During the three months ended March 31st, AVG says 0.2 percent of downloadable Android apps contained malicious content.  The increase on attacks against Facebook, meanwhile, is hardly surprising, as cyber criminals tend to target applications or services with the most users, and Facebook offers them access to 500 million users, a number that can't be reached anywhere else.  AVG's data shows that about 42 percent of the malware it found on Facebook exists in the sites hundreds of applications.

According to the report, Facebook users are being lured in and asked to go through a series of “surveys” before being taken to some video or picture.  In many cases, the user is asked to press a “like” button, but, hidden from the viewer, hackers place hidden images above the like button, which hijacks the click when the user tries to click the like button.  The hidden image then activates a script that asks all of the users friends to “like” the image, as well, thus taking advantage of the viral nature of Facebook to spread the code.  The scam is called “like-jacking” or “click-jacking” and has become increasingly prevalent on social networks.

In 2010, AVG says it discovered an average of one such campaign per week, most occurring on weekends, usually netting between 200,000 and 300,000 victims per run.  The average is now up to one campaign every other day or so, the report showed.  The report is compiled from data collected through AVG's Community Protection Network, which the company promotes as an “online neigborhood watch”, followed by three months of extensive research conducted by AVG engineers.

AVTG also says that the use of so-called Blackhole Exploit Kits are on the rise.  These kits are designed to exploit vulnerabilities to execute arbitrary code.  During one particular week in February, AVG noted that these attacks went from a few hundred per day to 800,000 in just one day.  The firm also reports that among URL shortening services, bit.ly is the most prone to being exploited to spread spam messages.  Finally, the report said that the United States remains the top source for spam, followed by the UK and Brazil.