Does Gaga attack signal a change in tactics for social media scammers?

The news that Lady Gaga

Clearly, the simplest way to do this is to guess the password used for these accounts. With many people using one login point for a number of social media platforms, it’s possible that finding one right password could have given someone easy access to Gaga’s Facebook and Twitter feeds.

However, we’d like to think that – especially given this summer’s furore over the Fox News Twitter feed claiming Barack Obama had died – those running high-profile accounts at least follow some basic rules in password security.

So what other possibilities are there? It may be that, as awareness of social media security increases, this attack signals a change in tactics by cybercriminals to continue exploiting the medium. The person running Gaga’s account could have been the victim of a spear phishing attack. This technique has been used in more serious attacks, such as the one involving Mitsubishi back in September, so it’s reasonable to expect the same tactics being applied here, too.

As in the Mitsubishi attack, the email may be designed to trick the recipient into installing malware such as a zbot Trojan, which can then automatically steal details such as passwords. This could be through carefully crafted personal information – appropriately gained from social media sources the recipient has an account with – which can be used as the “trigger” to convince them into opening a malicious attachment containing the payload.

Without more details on this specific attack, we can’t say for sure what tactics were used. However, the increasingly simplicity with which spear phishing attacks can be automated and delivered – combined with the huge potential to be gained from exploiting millions of Twitter followers or Facebook fans – makes the use of malware in these celebrity attacks a strong option.

About the author


Liviu Arsene is the proud owner of the secret to the fountain of never-ending energy. That's what's been helping him work his everything off as a passionate tech news editor for the past couple of years. He is the youngest and most restless member of the Bitdefender writer team and he covers mobile malware and security topics with fervor and a twist. His passions revolve around gadgets and technology, and he's always ready to write about what's hot and trendy out there in geek universe.