Online Social Networks (OSNs) have revolutionized the internet and social interactions by giving birth to e-societies. Being chain networks, OSN’s expose a wide attack surface for attackers to trigger infections, affecting a large set of users. In the past OSN worms like Koobface, Ramnit, Lily Jade, etc. have been encountered by the world that exploited the integrity of OSNs. This talk sheds light on the model of Socioware, a termed coined to represent online social network malware. Using Socioware, we will shows how the malware authors design OSN worms and what type of techniques they use to trigger chain infections. The model of analysis used in this talk covers different sets of malware classes and attack techniques that are used by attackers to infect OSNs.
During the analysis of Socioware, we will discuss reverse engineering results of samples of bots that has the built-in functionality of Socioware. This talk unveils the use of spreaders, classes of malware that are used to inject malicious messages into communication software, and loaders, features in a bot that recursively load malicious programs and plugins onto the infected machine, and how they are used in Socioware. This talk goes over several demonstrations and real-world examples that cover how OSNs such as Facebook, Twitter, etc. are hijacked and infected. Finally, the talk will conclude with effective defense tactics that OSNs can implement to reduce Socioware.