For Beginner

VIRUS ATTACK HITS FACEBOOK

A huge attack by a rogue Facebook application last weekend infected users PCs with popup-spewing adware, a security researcher said Monday.

On Saturday, AVG Technologies received more than 300,000 reports of the malicious Facebook app, said Roger Thompson, AVGs chief research officer. AVG came up with its tally by counting the number of reports from its LinkScanner software, a free browser add-on that detects potentially poisoned pages.

"It was stunning, really, the number," said Thompson in an interview via instant message late Monday. "And stunning that it was not viral or wormy [but that] Facebook did it all by itself."

The volume of reports on Saturdays rogue Facebook software was highest during the nine-hour period between midnight and 9 a.m. Eastern, with spikes of approximately 40,000 per hour coming at 7 a.m. and noon. For the day, AVG received more than 300,000 reports, triple that of AVGs second-most-reported piece of spyware.

According to Thompson, Facebook eradicated the rogue application about 15 hours after the attack started. Facebooks only acknowledgment of the attack came on its security page, where a "Tip of the Week" Monday morning read: "Dont click on suspicious-looking links, even if theyve been sent or posted by friends."

But other security firms also noted the attack. Both U.K.-based Sophos and U.S. security company Websense dubbed the attack "Sexiest video ever," based on the message that appeared on Facebook users walls, seemingly from their Facebook friends.

Clicking on the link lead users to a Facebook application installation screen, where users were asked to allow the software to access their profiles and walls. Once approved, the application claimed that users had to download an updated version of FLV Player , a popular free Windows video player.

The download was nothing of the sort, but instead the notorious Hotbar adware , a toolbar that inserts itself into Internet Explorer, then starts displaying pop-up ads and links.

The attack spread as the malicious Facebook app posted the same "Sexiest video ever" message on the walls of victims friends.

According to Thompson, the massive attack demonstrates the power of large social networking sites.

"Facebook is very responsive to threats when we identify them, and removing these applications as soon as they find them, but theyre still able to generate huge traffic, just because of the viral nature of social networks," he said in a statement earlier Monday. "It is staggering how many threats were propagated before they were stopped."

Criminals have recognized the value of abusing Facebook to spread adware, launch identity theft attacks or plant malware on users PCs. Kaspersky Lab, for example, recently estimated that almost 6% of all identity theft attacks originated from Facebook in the first three months of the year, putting the site in fourth place behind PayPal, eBay and the London-based bank, HSBC.

"This was the first time since we started monitoring that attacks on a social networking site have been so prolific," Kasperskys report said.

Websense offers a free tool called Defensio that, among other things, protects Facebook pages against spam, unwanted URLs and malicious content.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld . Follow Gregg on Twitter at @gkeizer or subscribe to Greggs RSS feed . His e-mail address is gkeizer@ix.netcom.com .

Read more about web 2.0 and web apps in Computerworlds Web 2.0 and Web Apps Knowledge Center.

http://www.itnews.com/networking/17921/huge-sexiest-video-ever-attack-hits-facebook?page=0,0

_________________________________________________________________

Opticom cares

To advertise here

email your advert to: opticomsolns@gmail.com

Posted by Unknown at 2:45 AM

Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest

Labels: attack, facebook, hits, virus