Limited security and a lack of strict regulation regarding social media-related cybercrime have allowed hackers to make a yearly profit of at least $3.25 billion from these platforms alone, says a study by Dr. Mike McGuire, Senior Lecturer in Criminology at the University of Surrey.
Social platforms rank first in channels exploited by hackers to circulate malware, to sell hacking tools, for money laundering and drug sales. At a very low cost, hackers manipulate these networks to build connections, then target millions of account holders with cryptomining, malvertising and phishing campaigns. They disseminate malware through chain exploitation to cripple corporate networks and compromise proprietary information.
Just between 2015 and 2017, social media-affiliated cybercrime reports in the US increased at least 300-fold. Mostly disseminated through apps, adverts and links, cryptomining has grown by almost 600 percent and become very popular on Twitter and Facebook.
In his research, McGuire came across cybercrime-as-a-service tools for sale on Facebook, YouTube and Instagram. The availability of these tools online means criminals no longer need extensive hacking skills, as anyone can now buy a botnet or an exploit. As many as 40 percent of social platforms had some sort of hacking tools for sale.
“Facebook Messenger has been instrumental in spreading cryptomining strains like Digmine,” said Dr. Mike McGuire, Senior Lecturer in Criminology at the University of Surrey. “Another example we found was on YouTube, where users who clicked on adverts were unwittingly enabling cryptomining malware to execute on their devices, consuming more than 80 percent of their CPU to mine Monero. For businesses, this type of malware can be very costly, with the increased performance demands draining IT resources, network infections and accelerating the deterioration of critical assets.”
In an age when even companies rely on social media to promote their products and services, or to simply reach out to their fan base, “social media is acting like a Trojan horse into the enterprise, while putting users at risk of scams and fraud,” reads the Social Media Platforms and the Cybercrime Economy report. Research found that social media led to one in five companies getting infected with malicious software.