WebSense Security Labs reports that the President's pre-election social network My.BarackObama.com, is being used by at least a handful of parties to spread malicious Trojans to unsuspecting network users.Social media has been exhilarating so far - but are you ready to see it become a much bigger target for nefarious forces as it becomes more mainstream?
Now that the "most powerful man on earth" is a "web 2.0" fan, we expect to see attacks and security challenges emerge on a much more significant scale.
According to the Websense report, multiple blogs have been created on My.BarackObama that contain images labeled as YouTube videos, but are linked to a 3rd party site that delivers a Trojan executable posing as a required video codec. Links to the offending blogs are now spread throughout forums and blog comments all over the web. Problems like this were first reported this Spring but have apparently remained unresolved and are expected to increase with Obama's election.
It's a smart attack, as evil moves go, as YouTube and Obama are trusted and video players often require downloads for Flash or other upgrades. Hundreds of thousands of people probably downloaded the proprietary applet required to view the inauguration on CNN.com without a moment's thought, for example.
If you thought that some of these sites were big targets before, we expect them to become even more so as they grow increasingly mainstream. Just as scores of people fall for phishing attacks due to inattention to or unfamiliarity with the behavior of browsers and their address bars - typical users can hardly be expected to be familiar with the standard behavior of a world of donkly widgets. How many of us long-time users really are? The site UTube.com still gets almost 1 million unique visitors each month, for goodness sake.
We expect that the job of new WhiteHouse social media director Macon Philips will involve at least as much security as it does marketing and communication. That part doesn't sound like a whole lot of fun.