Security Researcher Warns of Cybercriminals Using Events in Iran to Spread Malware

By Matthew Harwood

While media outlets are reporting the Iranian opposition's embrace of social media, especially Twitter, to get around the government's attempts to control information regarding this weekend's contested election and subsequent protests, a security researcher is warning people that cybercriminals will use the crisis to spread malware.

John Bambenek, of the SANS Internet Storm Center, had this warning for people clicking on links in random tweets about events in Iran:

From an information security perspective, the threat is leading people to malicious websites. Set up a blog with an archive of posts on the issue, "borrow" a few pictures of the conflict and post them. Tweet a message that says "live images of protestors being shot at" and point to your blog that also includes pre-tested malware that is known to be not detected by AV vendors. Twitter and social networking tools provide another mechanism to lead people to the cyber-threat where only e-mail was used before. Twitter has no "anti-spam" features; everyone talking about a subject shows up.

So while the use of Twitter and other tools provides a means to breach censorship rules of foreign regimes, it does not come without risks. Is the information valid? Is it leading you to malware infecting your machine?

As with anything regarding new social media, don't let impulsiveness unnecessarily compromise your security. For those looking to stay up to date on tweets in real time regarding events on the ground in Iran, check out Monitter, which monitors Twitter and aggregates tweets in one easy location.

But again, be wary of clicking on links.

Photo of Iranian Protests by Hamed_Saber/Flickr

Photo of Twitter Cig Pack by carrotcreative/Flickr



