The Mis-Adventures in Technology of an Old Dog Learning New Tricks…

Posts tagged ‘Facebook’

Getting Loaded: Breaking down the Facebook IPO

Pinterest ties with Twitter and Google for referral traffic, HTC cures security bug, and Facebook reveals finances in its filing to go public.

Netflix Facebook App Feels Push-Back from Senate

After an updated version of the Video Privacy Protection Act passed in the House last month, it’s being debated in the Senate. Depending on what it decides this could changes plans for Netflix‘s future integration with Facebook.

Bingo’s Back: An Inside Look at Zynga Bingo with Nicole Opas

Zynga Bingo brings friends together by adding a fun and competitive social layer to the game. It brings back the challenge, the thrill of victory, friendly competition and the social escape from the classic game.

My Internet Smells Funny! – Smell Your Social Life with Olly

Meet Olly, the web-connected, smelly robot. He, and it is a “he,” takes your @mentions, status updates and more and turns them into the smell of your choice. Created by a London-based designer, Olly is still a Kickstarter project with a $35,00 goal.

Facebook Users Under Attack Again…. “Ramnit” snags 45,000 Usernames & Passwords login info

Online Security has become a growing Industry, for IT professionals as well as Criminals.  It’s an ongoing battle against good and evil that is played out across our connected devices on a daily basis.  Facebook and it’s users are often targeted by hackers, criminals , etc.  The latest tool in their arsenal seems to be the very effective “Ramnit” worm, which has recently been credited with capturing more tha n 45,000 Facebook log in credentials.

Seculert Cyber Threat management writes……..

Much has been written about the Ramnit worm and its transformation into a financial malware. And now, Seculert’s research lab has discovered that Ramnit recently started targeting Facebook accounts with considerable success, stealing over 45,000 Facebook login credentials worldwide, mostly from people in the UK and France.

Discovered in April 2010, the Microsoft Malware Protection Center (MMPC) described Ramnit as “a multi-component malware family which infects Windows executable as well as HTML files”, “stealing sensitive information such as stored FTP credentials and browser cookies”. In July 2011 a Symantec report [PDF] estimated that Ramnit worm variants accounted for 17.3 percent of all new malicious software infections.

In August 2011, Trusteer reported that Ramnit went ‘financial’. Following the leakage of the ZeuS source-code in May, it has been suggested that the hackers behind Ramnit merged several financial-fraud spreading capabilities to create a “Hybrid creature” which was empowered by both the scale of the Ramnit infection and the ZeuS financial data-sniffing capabilities. This synergy has enabled Ramnit to bypass two-factor authentication and transaction signing systems, gain remote access to financial institutions, compromise online banking sessions and penetrate several corporate networks. With the use of a Sinkhole, we discovered that approximately 800,000 machines were infected with Ramnit from September to end of December 2011.

Figure 1: Number of Ramnit Infected Machines Between September 2011 and December 2011

It seems, however, that this is not the last twist. Recently, our research lab identified a completely new ‘financial’ Ramnit variant aimed at stealing Facebook login credentials. Since the Ramnit Facebook C&C URL is visible and accessible it was fairly straightforward to detect that over 45,000 Facebook login credentials have been stolen worldwide, mostly from users in the United Kingdom and France.

Figure 2: Ramnit.C Facebook Infection Distribution By Country

Figure 3: Ramnit Command & Control Server with Visible Facebook Accounts files

We suspect that the attackers behind Ramnit are using the stolen credentials to log-in to victims’ Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware’s spread even further. In addition, cybercriminals are taking advantage of the fact that users tend to use the same password in various web-based services (Facebook, Gmail, Corporate SSL VPN, Outlook Web Access, etc.) to gain remote access to corporate networks.

With the recent ZeuS Facebook worm and this latest Ramnit variant, it appears that sophisticated hackers are now experimenting with replacing the old-school email worms with more up-to-date social network worms. As demonstrated by the 45,000 compromised Facebook subscribers, the viral power of social networks can be manipulated to cause considerable damage to individuals and institutions when it is in the wrong hands.

* Seculert has provided Facebook with all of the stolen credentials that were found on the Ramnit servers.

They Like Me! They Really Like Me! – Facebook Sued Over ‘Like’ Ads

Facebook is facing a lawsuit over how they do advertisements using “likes” and friends on the social networking site.

Mark Zuckerberg Hacked; Private Photos Leaked Because of Facebook Glitch

Mark Zuckerberg‘s Facebook page was hacked in the latest privacy breach on the social networking site. A series of 14 personal photos were posted on the website Imgur under the heading ?It?s time to fix those security flaws, Facebook.? They include one picture of the Facebook CEO holding a dead chicken. Facebook says the glitch resulted from a bug in one of its tools that lets users report inappropriate images and that the site was vulnerable for only a short period of time. The breach comes a week after Facebook reached a settlement with the Federal Trade Commission, agreeing among other things to make sure that the privacy of users? information is protected.

Tag Cloud

%d bloggers like this: