Behavioral monitoring malware

Behavioral monitoring malware is a new class of malware that mines many of the social networking sites for behavioral patterns. What I mean by behavioral patterns is that it will monitor what kind of websites you like, who you associate with, the kinds of things you buy. This kind of information is a goldmine for marketers. It allows them to build profiles of individuals outside a greater scope of sex, age, and location. Now they can know that your friends with x,y,z or that your a Chihuahua enthusiast who loves NASCAR. This kind of information can  be more insidious then more conventional malware.

Through this information they could then targets ads just for you or extending beyond marketing, unique attacks. We’ve talked about phishing attempts before in class and how its always kind of broad message to get as many people as possible. Thanks to behavioral pattern malware they can now easily tailor specific attacks just for you even if your some nobody. The usual malware targets things like credit cards or accounts and passwords. While these can cause trouble and be an inconvience you can at least cancel a credit card or change your password. But once they know who you are your in trouble. You can’t just change everything about yourself. Your not going to get rid of your friends and family and stop liking the things you do.

Some of the interesting technical aspects about this malware is it’s able to recognize who is on the fringe of social connections. That is if I’m someone who posts prolifically on twitter or Facebook and have lots of followers/friends, I’m going to stand out as a greater target compared to someone who has very few. Since I would have lots of connections I become a greater target because through my connections it can move on to new targets. Another interesting thing is that they infect unconventionally comapared to the usual malware. Most malware attempts to infect as many devices as fast as possible, while behavior patter malware would want to take its time in order to go unnoticed and collect as much information as it could.


3 thoughts on “Behavioral monitoring malware

  1. So what they are saying is that more people (nobodies) could be targets of spear-fishing attacks. Interesting. I wonder how much longer it will be until there are more reports of blackmail schemes (threats to leak internet search habits to social contacts unless a ransom is paid). With more of the world being connected and jobs becoming more scarce, I guess this could be one of those “work from home” jobs.

    • Yep, spear-fishing can only really be done on targets that you have information on so that way you can tailor the attack to that specific person in order to increase the chance they’d fall for it. Previously that could usually only be done on high profile people who had some kind of public exposure, people the attacker knew personally, and I guess if one had the time and means they could physically go out and find this kind of thing out. This way though all the data is served to the attacker, so physical boundaries like distance become a non issue.

  2. People will make the time if this type of hacking will provide more money than what they are accustomed to. Also, with cheaper computes and more wireless connections more people (good or bad) have access to the internet. And don’t forget motivation. Remember, the motivation for hacking: Money, Ideology, Compromise, and Ego. There are almost too many reasons to do it rather than get a real job in an impoverished country.

Comments are closed.