anjoenk.blogspot.com
It's been six years since Facebook was born, expanding from the student body at Harvard University to a worldwide social network with 500 million members. Along the way, its popularity drew attention from that ever-present, unwanted group that follows the rest of us: cyber-scammers. The recent "Dislike" button scam is far from the end; it is just another example of how attackers follow the user community. With that in mind, eWEEK is highlighting some of the ways attackers have used and abused the most popular social networks of our day. In no particular order, here are our top social network-based attacks and security issues of the year, and what you should be on the lookout for.
- It needs no introduction. Koobface has tormented users of numerous social networks for the past two years or so, including MySpace and Facebook. During that time, Koobface has evolved in a number of ways, and has been linked to rogue antivirus and to malware posing as an Adobe Flash Player update.
- During Memorial Day weekend, a clickjacking worm squirmed its way into the lives of hundreds of thousands of Facebook users. The scam worked this way: A message such as "The Prom Dress That Got This Girl Suspended from School" was used as a lure. Clicking on the link that came with the message led users to a third-party site, and clicking anywhere on that page published the initial message on the victim's Facebook page, marked the page as something the user liked and recommended the page to their Facebook friends. In response, Facebook blocked the malicious site associated with the attack.
- From time to time, social networks are hit with malicious applications. Trend Micro recently found a number of rogue apps on Facebook (with names such as "Stream" and "Birthday Invitations") that sent users to a known phishing domain, where a page claimed they needed to enter their login credentials to use the application. Victims were then redirected to the Facebook site. Facebook removed six of the apps identified by Trend by Aug. 20. Unfortunately, more popped up. Users should be wary of applications from unknown developers, and of any that request personal information.
- In April, users of the popular "Farm Town" game on Facebook were hit with a rogue antivirus scam tied to malicious advertising.
- In 2009, security expert Jose Nazario found attackers were using Twitter as a means to send commands to infected computers. In July, EMC's RSA security division uncovered a scheme that used an unidentified social networking site to send commands to a Brazilian banker Trojan. The good news is that, once detected, C&C channels of this kind are relatively simple and quick to remove.
- Just when you thought it was safe to click on a link with a racy picture, the "Distracting Beach Babes" attack struck. Messages were posted on the walls of Facebook users, and the thousands who clicked on them were directed to a rogue Facebook app that, if given permission to run, urged users to upgrade their FLV player and directed them to download adware onto their computer.
- The "Dislike" button survey scam spread virally throughout Facebook. Using the tried-and-true method of enticing messages about celebrities and news (for example, "Justin Bieber trying to flirt"), the scammers tried to trick users into giving them access to their profiles. If a user installed the "dislike button," the app updated their Facebook status to promote the very link that had tricked them. The app then prompted users to fill out an online survey and directed them to a Firefox browser add-on.
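The clickjacking ("likejacking") worm in the list above works by layering an invisible copy of the target page over a visible lure. The following is an added example, not code from eWEEK, Facebook or the worm itself: the first function shows the page layout such an attack relies on, and the second is the check a defender runs over a page's response headers to see whether a browser will allow it to be framed at all. All URLs, origins, offsets and header values are constructed for illustration.

```javascript
// Added example, not code from eWEEK, Facebook or the worm described above.
// Part 1 shows the layout a "likejacking" page uses; part 2 is the check a
// defender runs over a page's response headers to see whether a browser will
// let it be framed at all.  Every URL, origin and header value here is
// constructed for illustration.

// Part 1: the attack page.  The lure text is visible; the target page sits
// above it in a fully transparent iframe, offset so its Like/Share control
// is exactly under the lure.  A click on the lure lands on the framed page.
// (Offsets are assumed; a real attacker tunes them per target.)
function buildLikejackPage(targetUrl, lureText) {
  return [
    '<!doctype html><html><body>',
    `<div style="position:absolute;top:100px;left:100px">${lureText}</div>`,
    `<iframe src="${targetUrl}" style="position:absolute;top:-40px;left:-30px;` +
      'width:800px;height:600px;opacity:0;z-index:10;border:0"></iframe>',
    '</body></html>',
  ].join('\n');
}

// Part 2: would a browser render `pageOrigin`, served with these response
// headers, inside a frame hosted at `framerOrigin`?  Precedence follows
// current browsers: a CSP frame-ancestors directive overrides X-Frame-Options;
// the obsolete ALLOW-FROM form is ignored, i.e. treated as no protection.
function canBeFramed(headers, pageOrigin, framerOrigin) {
  const h = Object.fromEntries(
    Object.entries(headers).map(([k, v]) => [k.toLowerCase(), String(v)]));
  const csp = h['content-security-policy'] || '';
  const directive = csp.split(';').map((d) => d.trim())
    .find((d) => d.toLowerCase().startsWith('frame-ancestors'));
  if (directive) {
    const sources = directive.split(/\s+/).slice(1);
    return { allowed: sourceListMatches(sources, pageOrigin, framerOrigin),
             rule: 'CSP frame-ancestors' };
  }
  const xfo = (h['x-frame-options'] || '').trim().toUpperCase();
  if (xfo === 'DENY') return { allowed: false, rule: 'X-Frame-Options: DENY' };
  if (xfo === 'SAMEORIGIN') {
    return { allowed: framerOrigin === pageOrigin, rule: 'X-Frame-Options: SAMEORIGIN' };
  }
  return { allowed: true, rule: 'no framing restriction' };
}

// Match the framer's origin against a frame-ancestors source list.  Handles
// 'none', 'self', * and host-sources such as https://*.example.com; ports and
// path components are ignored to keep the matcher short.
function sourceListMatches(sources, pageOrigin, framerOrigin) {
  const framer = new URL(framerOrigin);
  const framerHost = framer.hostname.toLowerCase();
  for (const raw of sources) {
    const src = raw.replace(/^'|'$/g, '').toLowerCase();
    if (src === 'none') return false;        // 'none' forbids every ancestor
    if (src === '*') return true;
    if (src === 'self') {
      if (framerOrigin === pageOrigin) return true;
      continue;
    }
    const [scheme, hostPattern] = src.includes('://') ? src.split('://') : [null, src];
    if (scheme && scheme + ':' !== framer.protocol) continue;
    if (hostPattern.startsWith('*.')) {
      if (framerHost.endsWith(hostPattern.slice(1))) return true;
    } else if (framerHost === hostPattern) {
      return true;
    }
  }
  return false;
}
```

The defensive point is the absence case: a page that sends neither header is frameable by anyone, which is exactly the condition a likejacking page needs. Serving `Content-Security-Policy: frame-ancestors 'self'` (with `X-Frame-Options: SAMEORIGIN` for older browsers) on any page that carries a one-click action is the fix; JavaScript frame-busting alone can be defeated and is not modelled here.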
2011
Sophos Security Threat Report reveals increase in social networking security threats
Study uncovers dramatic increase in malware, phishing and spam via social networks
IT security and control firm Sophos has today published its Security Threat Report 2011, analysing cybercrime during the last year and looking at IT security trends to watch in 2011.
A highlight of the report is the findings of Sophos’s latest 'Social Security' survey*, which polls computer users on their experiences of social networking security threats.
The survey charts user experience of social networking, particularly in the workplace.
By mid-2010, Facebook recorded half a billion active users, making it not only the largest social networking site, but also one of the most popular destinations on the web.
Unsurprisingly, this massive and committed user base is heavily targeted by scammers and cybercriminals, with the number and diversity of attacks growing steadily throughout 2010 – malware, phishing and spam on social networks have all continued to rise in the past year.
Sophos polled users asking if they had received spam, phishing or malware attacks via social networks.
The survey found that:
* 40% of social networking users quizzed have been sent malware such as worms via social networking sites, a 90% increase since April 2009
* Two thirds (67%) say they have been spammed via social networking sites, more than double the proportion less than two years ago
* 43% have been on the receiving end of phishing attacks, more than double the figure since April 2009
"Rogue applications, clickjacking, survey scams – all unheard of just a couple of years ago, are now popping up on a daily basis on social networks such as Facebook," said Graham Cluley, senior technology consultant at Sophos. "Why aren't Facebook and other social networks doing more to prevent spam and scams in the first place? People need to be very careful they don't end up being conned for their personal details, or get tricked into clicking on links that could earn money for cybercriminals or infect innocent computers."
Although results vary across the individual networks of Facebook, Twitter, MySpace and LinkedIn, the latest poll suggests that half of those surveyed have been given unrestricted access to social networks at work. Paradoxically, 59% believe employee behaviour on social networking sites could endanger corporate network security, and 57% worry that colleagues are sharing too much information on social networks.
"Total bans on users accessing social networking sites are becoming rarer, as more firms recognise the value such sites can bring in raising brand awareness and delivering social media marketing campaigns," explained Cluley. "If your business isn't on Facebook, but your competitors are, you are going to be at a disadvantage. But you have to be aware of the risks and secure your users while they're online."
OnMouseOver Twitter worm attack named the biggest social networking worm of 2010
Although 82% of the survey’s respondents felt that Facebook posed the biggest risk to security, Sophos has labelled an attack on the Twitter micro-blogging network as the biggest single social networking security incident of 2010.
The infamous onMouseOver Twitter worm hit the Twitter site in September 2010, and spread like wildfire. The cross-site-scripting (XSS) attack demonstrated how quickly a vulnerability on a social network can affect a huge number of users. High-profile victims included ex-Prime Minister's wife Sarah Brown, Lord Alan Sugar, and even Robert Gibbs, the press secretary to US President Barack Obama.
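The page names the onMouseOver worm as an XSS attack but does not show the bug class. The following is an added example, not Twitter's code: a linkifier that splices a user-supplied URL into an `href` attribute without escaping, so a quote character in the URL closes the attribute and whatever follows is served to every viewer as an event handler, beside a hardened version that tokenises, validates and escapes for the context. The sample post, its payload shape, and the `x.example` hostname are constructed for illustration and are not the worm's actual payload.

```javascript
// Added example, not Twitter's code.  It shows the bug class behind an
// onMouseOver-style worm: a linkifier that splices a user-supplied URL into an
// href attribute without escaping, so a quote in the URL closes the attribute
// and the rest becomes an event handler the site then serves to every viewer.
// The post text and payload shape below are constructed for illustration.

// Vulnerable: raw string concatenation into an attribute value.
function linkifyUnsafe(text) {
  return text.replace(/https?:\/\/\S+/g, (url) => `<a href="${url}">${url}</a>`);
}

// Escape the five characters that matter in HTML text and attribute contexts.
function escapeHtml(s) {
  return s.replace(/[&<>"']/g,
    (c) => ({ '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' }[c]));
}

// Hardened: the URL token stops at any character that could end an attribute,
// the URL must parse with an http(s) scheme, and everything is escaped for the
// context it lands in.  The injected text survives only as inert characters.
function linkifySafe(text) {
  const re = /https?:\/\/[^\s"'<>]+/g;
  let out = '';
  let last = 0;
  for (const m of text.matchAll(re)) {
    out += escapeHtml(text.slice(last, m.index));
    const url = m[0];
    let ok = false;
    try { ok = ['http:', 'https:'].includes(new URL(url).protocol); } catch (e) { ok = false; }
    const safeUrl = escapeHtml(url);
    out += ok ? `<a href="${safeUrl}">${safeUrl}</a>` : safeUrl;
    last = m.index + url.length;
  }
  return out + escapeHtml(text.slice(last));
}

// Heuristic a reviewer can run over rendered output: does any tag carry an
// on* event-handler attribute?  (A simple regex, not an HTML parser.)
function hasInjectedHandler(html) {
  return /<[^>]*\bon[a-z]+\s*=/i.test(html);
}

// Constructed sample post (assumed payload shape): the quote after "@" closes
// the href in the unsafe version, and onmouseover="..." becomes a live attribute.
const SAMPLE_POST = 'look at this http://x.example/@"onmouseover="alert(document.cookie)"/ wow';
```

With a stored XSS of this shape, the handler runs in every viewer's session on the site's own origin, so it can call the site's posting API as the victim and re-post itself; that is what turns a single injected attribute into a worm. The fix is context-aware output encoding at the point of rendering, not input filtering of a few known strings.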
Politics and cybercrime - WikiLeaks and Stuxnet
Undoubtedly the most high profile IT security story of 2010 was the WikiLeaks saga, which saw a number of Distributed Denial-of-Service (DDoS) attacks launched against companies withdrawing support for the controversial whistleblowing site.
There was also the widely reported Stuxnet worm, linked with targeting SCADA systems used for industrial applications, including nuclear facilities. These exemplify the development of cybercrime from the initial stages of proof-of-concept and mischievous virus-writing, through financially motivated, organised criminal activity – undoubtedly still the primary threat – and finally a third, political motivation – a trend predicted to continue.
Top 10 malware-hosting countries, January-December 2010
France moves to second place in top ten, as European websites host malware
In addition to increasingly prevalent social networking threats, tried and tested cybercrime tactics continue to plague internet users. Although some websites are created with the intention of infecting visitors, legitimate websites continue to be a popular target for attack, as hackers who compromise them can distribute malware to unsuspecting internet users.
The USA continues to be the home of most infected webpages. However, over the past six months alone, European countries have become a more abundant source of malicious pages, with France in particular displacing China from the second spot, increasing its contribution from 3.82% to 10.00% of global malware-hosting websites.
"Many computer users still don’t realise that you can wind up with something nasty on your machine simply by visiting a website," continued Cluley. "Over the year, we saw an average of 30,000 new malicious URLs every day – that's one every two-to-three seconds. More than 70 percent of these are legitimate websites that have been hacked – this means that businesses and website owners could inadvertently be infecting their patrons unintentionally and without knowledge."
The full Security Threat Report 2011 contains much more information and statistics on cybercrime in 2010, as well as predictions for emerging trends, and can be downloaded free of charge from the Sophos website.
*Sophos online survey, 1273 respondents, December 2010
eWeek | SOPHOS