Mobile versions of social networks and websites hosted using WordPress were two of the major targets for malware in the past quarter, a report from AVG reveals, while small businesses are being warned to crack down and keep their systems safe.
The warning comes during a big month for malware, after an infection spread across the internet that targeted Apple computers โ leaving many customers open to attack who had previously believed the companyโs products were unassailable by malware.
The latest AVG threat report for the first quarter reveals more cyber criminals are attempting to spread malware through mobile versions of social networks. Some of the most popular threats included malware being pushed through mobile devices, with many users unaware they were being infected.
โThere has been a fairly marked increase in the prevalence of social media being used to target mobile users, and weโre talking about Android users here,โ says AVG security advisor Michael McKinnon.
โSo cyber criminals have worked out if they can use Twitter accounts to spam a bunch of links before Twitter shuts them down, they can send out links to infected sites.โ
These infected sites can contain anything from types of malware including Trojans, to pieces of code that will infect a usersโ device and form part of a collection of compromised computers, known in the industry as a โbotnetโ.
This warning comes as the number of malware-infected apps on the Android app market, known as Google Play, continues to rise. McKinnon says this is becoming a problem for businesses โ especially as more start requiring staff to use smartphones.
Businesses that require staff to bring their own smartphones for use are in greater danger, as the company has no control over what apps are being downloaded. McKinnon says itโs imperative that businesses warn staff of the dangers surrounding their mobile activities.
โThey need to take care when using social media from mobile devices, especially with regard to installing applications.โ
The other main area of concern identified in the report is the malware that has attacked sites hosted by blogging platform WordPress. McKinnon says that while many businesses host blogs and other sites using WordPress, they may not be aware the platform had been targeted by harsh pieces of malware in the past month, most of which are coming from customisable plug-ins.
In fact, researchers revealed last week the massive infection that attacked Mac computers last month originated on WordPress sites, using a type of toolkit known as โBlackholeโ.
McKinnon says itโs critical businesses using WordPress blogs get up to speed with what theyโre dealing with, and find ways to keep themselves safe โ especially when the majority of WordPress sites are operated by amateurs, not security professionals.
โThere are lots of small businesses operating WordPress sites, and I think whatโs interesting is that people are using vulnerabilities in WordPress for a platform for other infections.
โIt can be the case that the website or business owner doesnโt know anything about this and their website becomes the point of redirection for an infection.โ
McKinnon says business owners canโt keep themselves in the dark, with the threat report showing more platforms such as WordPress being used for infection.
โYou need to make sure you have backups of your website, and you need to make sure you have a backup plan for everything. You donโt want to get caught with an infection that ruins you.โ
Patrick Stafford is a freelance journalist and a former deputy editor of SmartCompany.
Comments