Security

Malware Aimed at Social Networks May Steal Your Reality

Computer scientists warn there is a new malware lurking in the distance that will slowly steal your reality by mining your social network for private and behavioral patterns. A victim of a "behavioral pattern" theft cannot easily change his or her static behavior and life patterns. The experts predict it's "inevitable" that malicious attackers will attempt to craft Stealing Reality malware that will be much more dangerous and much harder to detect than tradition malware attacks.

Communication patterns combined with behavioral data can be harvested from mobile devices. Private data is already being mined and marketed. If you are active and have influence in a social network, then your information is very valuable . . . especially to a new breed of malware on the horizon. The email address of a person who is at the center of a vibrant social network is more valuable than an email address of a person on the edge of a social network. Patterns of who you contact, how often you contact that person by email or by phone, helps to see patterns of how information spreads and how you are linked to other people.

Yaniv Altshuler from Ben Gurion University and other computer scientists proposed that a new generation of malware will target and extract information about relationships and record patterns of links in a real-world social network.

Some traditional malware attacks spread by using an email program's address book or a mobile phone's contact list. A non-aggressive malware agent could lurk, much like a social engineer or a smart hacker, to gather information as opposed to alerting the targeted victim. This allows an attacker to build an extremely detailed picture of the victim's lifestyle, personality, interests and influence. In the same way, a malware behavioral pattern attack created to steal reality can harvest a "rich identity" profile of the victim. This stolen data is much more valuable than the demographic information of sex, age and general information that is commonly used now to profile users for advertisers and spammer.

Researchers studied the best Stealing Reality attack strategies for mining behavioral pattern data from a real mobile phone network consisting of 800,000 links between 200,000 phones. Researchers wrote, "A Stealing Reality type of malware attack, which is targeted at learning the social communication patterns, could 'piggyback' on the user generated messages, or imitate their natural patterns, thus not drawing attention to itself while still achieving its target goals....There is no reason to think that developers of malicious applications will not implement the same method and algorithms into future malware, or that they have not already started doing so."

Google CEO Eric Schmidt told the Wall Street Journal that "every young person one day will be entitled automatically to change his or her name on reaching adulthood in order to disown youthful hijinks stored on their friends' social media sites." Researchers stated, "Speculative as this might be, it demonstrates the sensitivity and challenges in recovering from leakage of real-life information, whether by youthful carelessnes or by malicious extraction through an attack. For this reason, Stealing Reality attacks are much more dangerous than traditional malware attacks."

Right now on social networks, when an account is compromised, it's not fun but the victim can recover. The password can be changed, an instant message program can be switched, a credit card can be can cancelled, or a hard drive can be wiped. The point is that the victim can warn friends of the account breach and take steps to recover. "However, it is much harder to change one's network of real world, person-to-person relationships, friendships or family ties. The victim of a 'behavioral pattern' theft cannot easily change his or her behavior and life patterns. Once extracted in digital form, it would be between hard and impossible to make sure all copies have been deleted," researchers wrote.

If a malicious attacker steals and then leaks or sells your behavioral patterns, what are you going to do? Tell your mother or your boss that your reality was stolen and you can never talk to them again? Most people cannot change their network of family or friends.

In conventional attacks, the infection rate of spreading malware is very high, spreading fast, and makes it possible for existing monitoring tools to detect the malware. By making a new generation of non-aggressive malware, with a low infection rate to spread slowly, it would be much harder for network administrators and antivirus software to spot.

If malware operated in stealth attack to steal private information at a slow pace, then that malware would imitate the natural rate of human communication patterns and the evolution of relationships. For this reason, Stealing Reality malware might be hard if not impossible to detect. And the experts predict that this new generation of malware is coming soon to a social network near you.

Here is the Stealing Reality pdf paper.

Subscribe to the Security Watch Newsletter

Comments