Trend Micro
Social Media Threats
Threat History – The Evolution of Digital Threats

To give you an idea of where malware originated and how it evolved into the advanced and persistent threats piggybacking off today's most popular social networks, Trend Micro researchers have developed a timeline of history's most infamous malware.

Social Attacks Era

There are 3.5 new threats per second (almost 12,600 per hour), and 1/3 of web users are attacked by cybercriminals using social networking sites to target victims. (Source:

  • KOOBFACE: Targets Facebook Users.
    Type of Malware: Worm.
  • Twitter: Malicious links in Twitter are found to carry Malware.
    Type of Malware: Trojan.

  • STUXNET: Exploits Windows vulnerabilities to target SCADA systems.
    Type of Malware: Worm.
  • DROIDSMS: The first Android Trojan is seen in the wild.
  • Data Breaches and Highly Targeted Attacks: A data breach refers to the exfiltration of data from a system without the knowledge or consent of its owner.

  • HACKTIVISM: Hacktivism is a combination of "hacking" and "activism," rooted in cultural and/or geopolitical unrest.
    Type of Malware: Trojan.

Web Threat Era

In the underground economy, a person's credit card number is worth between $7 and $25 US. Trend Micro saw a 2,135% increase in web threats from 2005 to 2008. Ninety-two percent of digital threats arrived via the Internet in 2008.

  • BANCOS: Performs illegal online banking by logging keystrokes.
    Type of Malware: Trojan.
  • "The Italian Job": Compromises legitimate websites.
    Type of Malware: Malicious HTML, Trojan, Backdoor.
  • ZEUS: An info-stealer kit is discovered.
    Type of Malware: Trojan.
  • FAKEAV: Reports of spreading via spam increase.
    Type of Malware: Trojan.

  • CONFICKER aka DOWNAD: Hits enterprises as it exploits a Windows vulnerability (MS08-067).
    Type of Malware: Worm.

Worm Outbreak Era

An outbreak is the propagation of the same security threat to different computers within a relatively short period of time. There were 30 major outbreaks with 16,880 malware detections and more than 37,000,000 infected files in 2004.

  • ILOVEYOU aka LOVELETTER: Attacks millions of computers through social engineering.
    Type of Malware: VBSCRIPT.
  • CODERED: Attacks computers running Microsoft's Internet Information Services (IIS) web server.
    Type of Malware: Worm.

  • NIMDA: Infects computers through malicious email attachments.
    Type of Malware: File infector.
  • SASSER: Spreads around Europe, Asia, Latin America and the U.S.
    Type of Malware: Worm.

  • MYDOOM, BAGLE and NETSKY: Become notorious mass-mailers.
    Type of Malware: Worm.

Virus Era

Computer viruses are created for personal gain (notoriety), research projects, fun, pranks, vandalism, etc. Others are made for program improvements.

  • The Brain: Created by two Pakistani brothers, becomes the world's first PC Virus.
    Type of Malware: File Infector.
  • Michelangelo: Erases the first 100 Sectors of a hard drive, rendering it useless.
    Type of Malware: File Infector.
  • Melissa: Overloads servers and causes major damage.
    Type of Malware: Macro.

Where to Find the Riskiest Social Media Threats

Scammers and cybercriminals take advantage of the element of trust on social networking sites and target the most popular features and sites. Trend Micro researchers created an overview of these locations, ordered from the lowest risk to the highest.

Low Risk

Cross-Posts: Shortened links from other social networking sites like Twitter may lead somewhere else.

Medium-Low Risk

Events: Spammers "invite" targets to events. Regardless of their response, users unwillingly spam the same event to their contacts.

Chat: Bad contacts can automate replies to users, in addition to sending bad links.

Pretty Serious

Bad Friends: Malware like KOOBFACE variants create bogus accounts and automatically add people to the list of users' friends.

Apps: Some apps request access to more personal information than is necessary.

Most Severe

Wall Posts: Users are asked to visit pages to see any of the following:

  • Interesting photos, especially of themselves
  • Exclusive, never-before-seen videos related to current events
  • "Who viewed my profile," top followers list, and notifications from fake applications
  • Spoofed notifications about security issues
  • Celebrity gossip