Hackers will target social networking sites: security firms
Social networking sites like Facebook and MySpace will likely be the next big targets for hackers, according to the predictions of two internet security firms.
Sunnyvale, California internet security firm Fortinet on Thursday said hackers could use Facebook widgets — the small programs written by third-party providers — to distribute malicious software to unsuspecting users of the social networking website.
"It could be a game, a 'comparison tool,' or a favourite books list," wrote Richard Stiennon, Fortinet's chief marketing officer and security expert.
Fortinet is the second security firm to warn that social networking websites could be the next big arena for malicious software. Santa Clara, California-based McAfee Inc.'s Avert Labs came out with its own top 10 threat list two weeks ago and also put so-called "web 2.0" social networking sites at the top of its list.
"Compromises and malware at Salesforce.com, Monster.com and MySpace, among others, represent a new trend in attacking online applications and social networking sites," the company said on Nov. 16.
"Attackers are using web 2.0 sites as a way to distribute malware and are data mining the web, looking for information people share to give their attacks more authenticity.McAfee Avert Labs expects a large increase in this activity in 2008."
Social networking sites — where users post profiles of themselves and share information with other users — will become a target because they have exploded in popularity the last two years, the companies said. MySpace, owned by News Corp., has about 110 million users worldwide, while Facebook now claims 55 million active users.
The two companies differed on many of their other predicted threats to consumers, with Fortinet warning of potential hacks to U.S. government agencies and to game consoles — like the Nintendo Wii — that connect to the internet.
McAfee suggested hackers were likely to create malicious software to target instant messaging services, Voice over Internet Protocol (VoIP) telephony services and online gaming sites.