Identifying Malicious Blogspot pages used by Koobface

Koobface is still going strong despite not making the headlines so much anymore. Well, the Koobface gang took the time to send a Christmas card and wish security researchers a happy new year. Very nice of them… For a couple of days now I’ve been looking at their infection method and trying to see any…

Read More

January 6, 2010 | by

Not-so funny jokes

Activities associated with Koobface have increased during the month of December. Often it is for the sending of traffic to compromised servers in order to obtain more servers. Other times the activity centers around using those same compromised servers to proxy users to malicious domains that are then used for further distribution of malware or…

Read More

December 29, 2009 | by

Facebook and Twitter Security – And How to Stay Safe!

Hopefully, the holiday season has found you spending a good amount of time offline: enjoying moments spent with friends and family, keeping long-standing traditions or creating new ones to follow for seasons to come, or just relaxing due to some downtime from work or school. It wouldn’t come as much of a surprise, though, if…

Read More

December 29, 2009 | by

Facebook: money mule or credit card

I was just looking at Facebook to check for spam and scams when I found this: I’ve blurred out a few things for privacy, and, most crucially, safety. The point of this post is the domain name. The spaces around the dot and the zero in “C0M” are just as they were in the original…

Read More

December 22, 2009 | by

Check Your Friends! Facebook IMs May Lead To Trouble

I ran into a few strange IMs over the weekend. When I was not shoveling out my driveway from the 15 inches of snow that covered it I was logged into Facebook telling people about it…. It was then that I started receiving some VERY interesting IMs from a friend extolling the virtues of a…

Read More

December 21, 2009 | by

“OH” “OH” “OH”, Santa Delivering FakeAV Presents

Following on from the latest Captcha techniques used by the W32/Koobface worm, it seems that the malware authors have turned to Santa for help to deliver it’s nasty surprise which awaits Facebook users. The infection drops other trojans such as FakeAlert and leaves the user renderless. It all begins with a post on a user’s…

Read More

December 14, 2009 | by

“Everyone” may not be your friend

There were two news stories recently that seemed to coincide. In the first, Cisco issued an annual security report which said the two current targets of the Internet criminal underground are banks and social networks. Banks because, well, we all know what they keep there. Social networks are targets because that’s where weakly protected password…

Read More

December 10, 2009 | by