Monday, February 23, 2009

Hacking Web 2.0

In another indication of how easy it is for malware authors to leverage Web 2.0 technologies, spammers have taken control of a Facebook group with more than 1.5 million users.

The group, "5,000,000 against the new version of Facebook", was set up by Adam Stanborough in September 2008 for Facebook members unhappy with the social networking site's redesign in July. It gained one million members within 12 days, according to the Herald and Weekly Times.

A blog posting at Graham Cluley's Make Money Fast said spammers had put up advertisements on the site. Cluley is senior technology consultant for security vendor Sophos,

These advertisements are for get-rich-quick schemes and users who access the group are greeted with a description that reads
“PLEASE NOTE ... Facebook looks like it will keep the new facelift, however please read below to see how i have now made over 130 K USD$ in 3 months, and now i want to share with you how i did so you to CAN MAKE MONEY !”

Messages promoting other products, such as dating and seducing guides, are also sent to the 1,5 million users, who at one point had a good reason for signing up with the group.

"Our investigation showed a third party was involved in distributing the spam," Facebook spokesperson Barry Schnitt told by e-mail. "We've cleaned up the site."

This is the latest attack on a social networking site by malware authors exploiting Web 2.0 technologies to distribute spam.

In January, hackers broke into the Twitter accounts of then President-elect Barack Obama and 32 other people, prompting the micro-blogging service to tell users to change their passwords.

Just one day later, spammers launched attacks using fake profiles of celebrities on the LinkedIn professional social networking site and on Google (NASDAQ: GOOG) Blogspot.

Late last month, Websense Security Labs found that hackers were distributing malware through blogs on, an online community site put up by President Obama's team. Their blogs led to a Web site purporting to host a YouTube pornographic video. Clicking on that video would ultimately lead to visitors downloading malware onto their PCs.

The hackers have been distributing their URLs all over the Web by adding them to their comments on various blogs and leveraging user generated content management systems used by Web 2.0 sites.
The threat to legitimate Web sites

According to predictions from a survey conducted by messaging and data protection firm Websense, hackers are increasingly compromising legitimate sites, mainly social networking or search sites. They are able to target the Web 2.0 elements of these sites because the sites allow users to upload their own content.

No comments: