Where will real-time search take us?

As you’ve most probably read by now search engines providers have been working on providing so called real time search results. These results include queries to, for instance, Facebook, Twitter and Myspace.

We may not all realize this, but we have just turned yet another technological corner. Everyone will have exponentially more and faster access to personal information now including data from social networks. Everyone naturally includes cybercriminals.

In my opinion, cybercriminals now have a great new opportunity to combine two major threat vectors – Black Hat Search Engine Optimization and social networks. Now turnaround will be faster and more people will see the malicious links created by black hat SEO – something search engines have already failed to control.

This is important, because to date attacks via social networking sites aren’t yet as prevalent or sophisticated as they could be. The gang behind Koobface has recently stepped up their game but overall isn’t really technically advanced. In fact, from where I sit, the development of malware that’s targeting social networks is really reminiscent of that of IM-Worms some years back. It’s the same situation: your friend’s compromised account is used to persuade you to click on a malicious URL. So we’ll probably soon see the social engineering approaches used to spread social networking threats following a similar evolutionary path.

I’m also concerned about how real time search results will affect our online privacy.

Clearly, it’s no coincidence that Facebook introduced their new set of privacy guidelines just days before Google introduced real time search. The recommended Facebook settings – which surely will be used by the vast majority of the Facebook community – put a lot of information into the public and semi-public domains.

Yes, this approach will definitely make real time search results more effective. But I definitely think that the recommended settings expose too much PII.

What does this hold for the future? I’m convinced that real time search is just in its infancy. I’m positive that soon enough search engine providers will offer everyone the opportunity to use real time search with their Facebook/Twitter/MySpace/etc. credentials. This would then allow people to more effectively crawl what their friends – or friends of friends – are up to. An opportunity that the cyber criminals will surely not let go to waste.

Where will real-time search take us?

Your email address will not be published. Required fields are marked *



Operation TunnelSnake

A newly discovered rootkit that we dub ‘Moriya’ is used by an unknown actor to deploy passive backdoors on public facing servers, facilitating the creation of a covert C&C communication channel through which they can be silently controlled. The victims are located in Africa, South and South-East Asia.

APT trends report Q1 2021

This report highlights significant events related to advanced persistent threat (APT) activity observed in Q1 2021. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports.

The leap of a Cycldek-related threat actor

The investigation described in this article started with one such file which caught our attention due to the various improvements it brought to this well-known infection vector.

Subscribe to our weekly e-mails

The hottest research right in your inbox