February 4th, 2008 by Jake Soriano (Technical Communications)
Social networking most commonly translates to connections and even friendships online. Yet recent trends also point users toward system infection: the ever-growing number of subscribers to networking sites brings with it a growing number of threats.
Just a month ago, Facebook’s Secret Crush feature was discovered to be loading adware and spyware. Almost at that same time, MySpace was compromised when it was found to be laced with banner ads that install malicious files and programs.
Now, security researchers have discovered a vulnerability in the image uploader used by MySpace and Facebook, raising the possibility of exploits and of malicious users gaining access to affected systems.
Aurigma’s Image Uploader Control Library was found to have a buffer overflow vulnerability that could be exploited by an unknown user to compromise systems. MySpace and Facebook use the application for their image uploading functions. Researchers are still trying to determine whether only one version of the image uploader application has the ActiveX boundary error and whether the social networking sites are using secure versions.
Trend Micro advises users to stand by for patches that address this vulnerability. Meanwhile, setting the Internet and Local intranet security zones to “High” before running ActiveX controls in these zones will help make one’s system more secure.
Additional note by Paul Ferguson (Fergie):
Also, the SANS Internet Storm Center (ISC) notes today that there have been six (6) highly exploitable ActiveX vulnerabilities announced this week.
And US-CERT.gov has this advisory.
Let’s be careful out there.
February 4th, 2008 by Macky Cruz (Technical Communications)
It has been difficult to put a face (and even a name) on the people behind cybercrime. But while most people may remark on the complexities of investigating online crime, there exists hope in the recent update to the long drawn-out story of the 419 Nigerian scammers. (The 419 scam was so called because of a certain section in the Nigerian Criminal Code: “Obtaining Property by false pretences; Cheating.”)
The IDG News Service reports that three defendants, first named in an extradition request in early 2006, have pled guilty to various counts of conspiracy, wire fraud, and mail fraud. Wire and mail fraud each carry a maximum of twenty years’ incarceration. This conviction is the celebrated follow-up to the arrest of 12 suspected scam artists in the Netherlands by the Dutch police, and the subsequent request from the US to bring them to US soil for trial. That arrest involved the confiscation of almost $50,000 in cash, along with computer units and bogus travel paraphernalia. The success of the operation underlined the ever-growing importance of cooperation among law enforcement arms in different parts of the world when it comes to border-crossing crimes.
This entire con, for all its grave and tangible monetary implications to its victims, starts off with a message similar in tone to the one shown here. The effectiveness of such email messages in convincing readers to take action against their better judgment is not to be underestimated, as the US Postal Inspection Service once estimated profits resulting from these scams to be around $2M.
Note that there are several strains of this particular type of scam, and many more originating from Nigeria that play different schemes. Social engineering can often be counted on to defeat even the most sophisticated security setups, so users are advised to err on the side of paranoia rather than open themselves up to the painful effects of falling victim to these types of well-thought-out scams.