The Cloud Consultancy Europe Ltd.
+44 (0) 203 637 6667 [email protected]


Social media platforms are a major conduit for malware and a highly effective marketplace for black hat resources, generating cybercrime worth over $3.2bn every year, according to Bromium.

The security vendor’s latest report, Social Media Platforms and the Cybercrime Economy, is the result of a six-month study by Mike McGuire, senior lecturer in criminology at the University of Surrey. It follows a previous Into the Web of Profit report written by McGuire which estimated annual global cybercrime revenues at $1.5tr.

The new study warned that social media is effectively a “global distribution center for malware,” with a fifth of organizations having been infected via these platforms. Reports of cybercrime involving social media grew more than 300-fold between 2015 and 2017 in the US, and social media-enabled crime quadrupled between 2013 and 2018 in the UK.

The report also claimed that social platforms feature up to 20% more methods by which malware can be delivered to users — such as adverts, shares and plug-ins — than comparable sources like corporate or e-commerce sites.

Some 40% of malware infections identified in the report were linked to malvertising, while nearly a third (30%) came from malicious plug-ins and apps. Cryptojacking was another popular social media-enabled cyber-threat, with the number of enterprises infected by cryptomining malware doubling from 2017 to 2018.

Unwitting users are effectively allowing hackers to use social media as a trojan horse to enter the enterprise, Bromium warned.

“One of the key aspects enabling this is the trust factor. People on social media are actually doing hackers’ jobs for them at times by sharing infected ads and posts, and are much more likely to respond when things come from a trusted source,” McGuire told Infosecurity.

“Users are unwittingly introducing risk to the enterprise and creating backdoors into corporate networks in a variety of ways. Such infections can result in company IP and customer data being stolen, which can impact market-share, reputation and revenues, as well as opening up businesses to regulatory fines – so it’s certainly something businesses should be taking a serious look at.”

Social media is also being used extensively by black hats to buy and sell hacking services and stolen data. Up to 40% of inspected social media sites featured a form of hacking service such as botnets for hire, while cyber-criminals were estimated to make $630m per year off the back of stolen data.

Social platforms have also fuelled a 36% increase in money mule activity since 2016, the report claimed.

“Enterprises are stuck between a rock and hard place when it comes to social media. Banning employees from social media platforms altogether isn’t the right solution and is completely impractical in the modern age,” Bromium president, Ian Pratt, told Infosecurity.

“Social media is an important business tool — we use it for sales, marketing, HR and more. Most companies encourage their employees to engage with their social media to help promote the company. You can’t just cut people off and stop them using it. Even if you do, users will simply find ways around these restrictions, creating a security black hole where activity can’t be monitored or protected.”

McGuire urged social media companies to get more proactive.

“Social media companies need to take an active stance against cyber-criminals exploiting their platforms. Clamping down on criminal activity and protecting users from being exposed to it, while enforcing better data protection practices from users, will also help reduce the likelihood of a breach,” he added. “Additionally, efforts should be made to remove fake followers, likes and retweets which will often result in users clicking on links.”

Sources: CyberSecurityPlace / InfoSecurityMagazine