Create a free account, or log in

Malware attacking businesses through mobile social networks and WordPress platforms: AVG report

Mobile versions of social networks and websites hosted using WordPress were two of the major targets for malware in the past quarter, a report from AVG reveals, while small businesses are being warned to crack down and keep their systems safe. The warning comes during a big month for malware, after an infection spread across […]
Patrick Stafford
Patrick Stafford

Mobile versions of social networks and websites hosted using WordPress were two of the major targets for malware in the past quarter, a report from AVG reveals, while small businesses are being warned to crack down and keep their systems safe.

The warning comes during a big month for malware, after an infection spread across the internet that targeted Apple computers โ€“ leaving many customers open to attack who had previously believed the companyโ€™s products were unassailable by malware.

The latest AVG threat report for the first quarter reveals more cyber criminals are attempting to spread malware through mobile versions of social networks. Some of the most popular threats included malware being pushed through mobile devices, with many users unaware they were being infected.

โ€œThere has been a fairly marked increase in the prevalence of social media being used to target mobile users, and weโ€™re talking about Android users here,โ€ says AVG security advisor Michael McKinnon.

โ€œSo cyber criminals have worked out if they can use Twitter accounts to spam a bunch of links before Twitter shuts them down, they can send out links to infected sites.โ€

These infected sites can contain anything from types of malware including Trojans, to pieces of code that will infect a usersโ€™ device and form part of a collection of compromised computers, known in the industry as a โ€œbotnetโ€.

This warning comes as the number of malware-infected apps on the Android app market, known as Google Play, continues to rise. McKinnon says this is becoming a problem for businesses โ€“ especially as more start requiring staff to use smartphones.

Businesses that require staff to bring their own smartphones for use are in greater danger, as the company has no control over what apps are being downloaded. McKinnon says itโ€™s imperative that businesses warn staff of the dangers surrounding their mobile activities.

โ€œThey need to take care when using social media from mobile devices, especially with regard to installing applications.โ€

The other main area of concern identified in the report is the malware that has attacked sites hosted by blogging platform WordPress. McKinnon says that while many businesses host blogs and other sites using WordPress, they may not be aware the platform had been targeted by harsh pieces of malware in the past month, most of which are coming from customisable plug-ins.

In fact, researchers revealed last week the massive infection that attacked Mac computers last month originated on WordPress sites, using a type of toolkit known as โ€œBlackholeโ€.

McKinnon says itโ€™s critical businesses using WordPress blogs get up to speed with what theyโ€™re dealing with, and find ways to keep themselves safe โ€“ especially when the majority of WordPress sites are operated by amateurs, not security professionals.

โ€œThere are lots of small businesses operating WordPress sites, and I think whatโ€™s interesting is that people are using vulnerabilities in WordPress for a platform for other infections.

โ€œIt can be the case that the website or business owner doesnโ€™t know anything about this and their website becomes the point of redirection for an infection.โ€

McKinnon says business owners canโ€™t keep themselves in the dark, with the threat report showing more platforms such as WordPress being used for infection.

โ€œYou need to make sure you have backups of your website, and you need to make sure you have a backup plan for everything. You donโ€™t want to get caught with an infection that ruins you.โ€