Cybercrime '09: Too Late to Save Facebook?

Flash files, Facebook are the hottest new targets for attacks, says research

A warning to those who love such social media sites as Facebook: The bad guys are coming for you.

A slew of security vendor reports on risks to expect in 2009 point to Facebook, Myspace and other such sites as increasingly tempting targets among hackers looking to dupe people out of their sensitive information. PDF and Flash files, once considered safe, are now a threat as well.

The findings on Flash and PDF is seen in a report released Tuesday from security-products firm Finjan. The research finds cybercriminals are increasingly using PDF and Flash files as a vehicle for distributing their malicious code and for infecting end-user PCs. The Web Security Trends Report Q4 2008, released by Finjan's Malicious Code Research Center (MCRC) found criminals take advantage of the specific functionality available in Flash Action Script that enables the Flash file to interact with its hosted web page (DOM). They embed their malicious code in Flash files and dynamically inject it into the hosting DOM to exploit a browser-vulnerability and to install a Trojan, said Finjan officials. Although Flash supports the functionality to prevent such interactions, many sites owners are not using it, according to Yuval Ben-Itzhak, chief technology officer of Finjan.

The report states that large ad networks serving Flash-based banner ads did not prevent their ads from interacting with the hosting web page. The lack of configuration by ad networks to prevent this interaction, between the served Flash-based ad's Action Script and the DOM, has become a new vector for cybercriminals to serve their malicious code undetected.

"Using rich content applications such as Flash files to distribute malicious code has become the latest trend in cybercrime," said Ben-Itzhak. "Having the widespread distribution and the popularity of Flash-based ads on the Web, their binary file format enables cybercriminals to hide their malicious code and later exploit end-user browsers to install malware."

Finjan's report also predicts cybercrime will continue to rise as an increasing number of unemployed IT professionals join in and criminals will continue to use Web 2.0 as a portal for scams.

UK and Boston-based firm Sophos also published its Security Threat Report 2009 on Tuesday. The research reveals that more malware is hosted on US websites and more spam is relayed from American computers, than any other country. In fact, the November shutdown of McColo, an American web hosting firm which was accused of collaborating with spammers and hackers, caused a 75 percent drop in spam, noted Cluley.

"Not only is the United States relaying the most spam because too many of its computers have been compromised and are under the control of hackers, but it's also carrying the most malicious webpages," said Graham Cluley, senior technology consultant for Sophos, in a statement. "We would like to see the States making less of an impact on the charts in the coming year. American computers, whether knowingly or not, are making a disturbingly large contribution to the problems of viruses and spam affecting all of us today."

Tags cybercrimeFacebook

Show Comments