This link has been bookmarked by 1 people . It was first bookmarked on 05 Jan 2008, by Bill H.
-
05 Jan 08
Bill HResearchers at security gateway vendor Fortinet have uncovered an adware-distribution scheme being carried out on the Facebook social networking site considered to be the first attack propagated on the wildly popular online portal.
-
Disguised as a legitimate "Secret Crush" request on the site designed to inform Facebook users about other members who find them attractive, the application instead attempts to secretly install an adware program made by Zango after it has been successfully downloaded.
-
the attack illustrates the growing capability of badware distributors to tap into the trusted relationships fostered among users of social networking sites to pass out their latest threats.
-
MySpace, an even larger social networking site with an estimated 250 million users, has been subverted on multiple occasions by malware attackers during the last year.
-
"At its core, Facebook is an incredible online marketing tool, people are on there openly providing their names, birthdays and a wealth of other information about their religious and political views, or their favorite books and movies," Lovet said. "If attackers have access to all that data, they can use it to craft attacks and use popular demographics they discover to create additional threats that tap into any of those themes."
-
Security experts have tabbed the use of social networking sites including MySpace and Facebook for the delivery of malware as one of the most significant trends they expect to emerge during 2008.
-
As such, many vendors are actively encouraging businesses to block or monitor use of the programs to protect their networks and computers from being infected by nefarious applications.
-
"Their Internet use policies need to include social networking sites, blogs, and music and video-sharing sites, and the permissions need to be spelled out specifically," Henry said. "Beyond that they need technical safeguards to help enforce those policies where necessary. The troubling part about this is that most companies are still having problems dealing with far more traditional threats."
-
Would you like to comment?
Join Diigo for a free account, or sign in if you are already a member.