The demand for compromised social network accounts is now so big on the cybercrime black market that, according to the latest research, just one such underground site has 1.5 million of them for sale.
The international reach of social networks has meant that these sites have become the de facto target for cyber criminals today. As I mentioned previously, they have become popular homes to malware mules. Now iDefense, the cyber security intelligence arm of VeriSign, has uncovered one user called 'kirllos' at a particularly popular crime marketplace site that advertises social networking login details who claims to have 1.5 million compromised accounts. The user is selling these in bulk, at a going rate of $25 per 1,000 accounts with 10 contacts or fewer or $45 for over 10 online friends.
Oddly enough, those accounts that have zero contacts are also rather popular, not least as they make for a good vessel to distribute malware through the exploitation of site vulnerabilities to execute scripts which use friend finder tools to request additional contacts.
Rick Howard, director of intelligence at VeriSign iDefense, warns that the "increasing exploitation of the hundreds of millions of social network users globally signifies a key shift in focus for cyber criminals. The trend for harvesting information from social networking sites has been around for some time now, however cyber criminals typically limited their attacks to social media sites within their own geography. For example, Russian cyber criminals have, typically, targeted users of VKontakte (VK) – a social networking site popular in Russia, Belarus and Ukraine. The malicious exploitation of VK users is almost exclusively limited to cyber criminals within these nations. However the increasing exploitation of users of popular international platforms is important as it signifies that criminals are becoming more and more internationalised – these sites provide a convenient platform for criminals to expand their trade around the globe".