IT Knowledge Exchange

Register

Forgot Password

Site FAQ

Advertisement

Home > IT Blogs > Security Bytes > Some Facebook applications lead to Russian attack sites

» VIEW ALL POSTS Oct 15 2009 1:15PM GMT

Some Facebook applications lead to Russian attack sites

Posted by: Robert Westervelt

social networking flaws, Rogue Antivirus

Poor coding on some Facebook apps lead to websites pushing malware, rogue antivirus.

Security researchers at antivirus vendor AVG Technologies have discovered that faulty coding in some Facebook applications are being targeted by cybercriminals. Roger Thompson, chief research officer of AVG cited several hacked Facebook applications that appear to be pushing Facebook users to Russian-based attack websites that push out malware and rogue antivirus software. In a blog entry, Thompson cited several examples and called the application developers victims, not the perpetrators of the attacks.

Initially, we thought that the applications were deliberately acting as lures, but it now seems to us that they are victims themselves. The difficult part for them will be to find and plug the hole that the DataSnatchers are using to hack the applications.

So far, about eight Facebook applications have been targeted by the cybercriminals. Most of the applications are games. Check out Thompson’s blog entry for the list. He warns that there could be more.

Comment

RSS Feed

Comment on this Post

You must be logged-in to post a comment. Log-in/Register

Visit Information Security Home | Information Security News | Information Security White Papers | Information Security Videos | Information Security Resources

Ask an IT Question

About the Blogger

Robert Westervelt

Twitter.com/rwestervelt Rob is a news reporter and editor for SearchSecurity.com. Since joining TechTarget in July 2003, Rob has covered SAP, Oracle and the database industry for SearchDatabase.com, SearchSAP.com and SearchOracle.com. Prior to joining TechTarget, Rob was a newspaper reporter for five years at The Day in New London, Conn., where he wrote a variety of crime, general news, government and business stories while covering towns in Southeastern Connecticut. A military veteran, Rob served four years with the U.S. Air Force, U.S. Forces Police in Kaiserslautern Germany. He holds a degree in journalism from the University of Connecticut. READ MORE

>> READ MORE ABOUT THE BLOGGERS

Browse This Blog's Tags

Antivirus, antivirus software, Application Security, banking Trojan, cloud antivirus, cloud security services, Compliance, Conficker, cyberwarfare, Data Breaches and Identity Theft, Data Breaches and Identity Theft, data security, data security breach, exploit toolkits, federal cybersecurity, Firefox security, Identity and access management, Information Security Careers, Information Security Threats, iPhone security, Laws, Investigations and Ethics, malware, Microsoft Security, midmarket security, Mike Rothman, mobile malware, Mozilla security, Network Security, patch management, patching, PCI compliance, Phishing, Platform Security, Privacy, ransomeware, risk, Rogue Antivirus, Security, security budgets, security jobs, Security Management, Security Vendor News, SEO attacks; rogue antivirus, smartphone attacks, social engineering, social networking flaws, Twitter security, Uncategorized, web application flaws, Zeus Trojan

Security Wire Daily News

brought to you by SearchSecurity.com

CISOs take measured steps to reduce social media risks
With sales and marketing teams using social networks to connect with clients and potential customers, CISOs need to meet business needs while addressi...READ MORE

Microsoft to fix 26 flaws in Windows, Office
The Microsoft Advance Notification warns of five critical bulletins across its product line. A total of 13 bulletins address 26 vulnerabilities.

Microsoft warns that IE zero-day vulnerability causes data leakage
A new Microsoft advisory warns of a zero-day vulnerability that could result in information disclosure for users of Windows XP.

Tripwire enters tumultuous SIEM market
With companies driven to SIEM by PCI and other compliance projects, Tripwire is the latest vendor to emerge. Analysts like SIEM technology, but predic...READ MORE

Microsoft extends SDL program, adds Agile development template
Microsoft is adding support for Agile Development Methodologies to its Security Development Lifecycle program. A simplified SDL white paper is also be...READ MORE

Blog Roll

Help

Subscribe to Alerts

RSS feed of Security Bytes

Community Blog | About Us | Contact Us | FAQ | Terms of Use | DMCA Policy

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organization's IT projects - with its network of technology-specific Web sites, events and magazines.

All Rights Reserved, Copyright 1999-2010, TechTarget | Read our Privacy Policy | Site Map

Podcast Powered by podPress (v8.8)