[Zscaler ThreatLabZ][3]'s Vice President of Security Research Michael Sutton said of Facebook in his [2012 predictions][4]:
The majority of malicious activity surrounding social networks today primarily involves unwanted or nuisance traffic, as opposed to attacks that lead to a fully compromised machine.
We're seeing an increase in [likejacking][5] and [self-inflicted JavaScript injection][6] attacks that have the same overall goal -- drive web traffic or prompt software downloads that can earn the scammer a few cents per click.
Social networks such as Facebook are of value to more serious criminals, but mainly for reconnaissance during targeted attacks. They are a great resource for learning background information about individuals and uncovering relationships, all of which can be of great value for social engineering.
We're not, however, commonly seeing the communication aspects of social networks used to deliver malicious payloads directly to victims or investments in uncovering web application vulnerabilities used to compromise end user machines, as opposed to spreading the aforementioned scams.
In 2012, attackers will raise the bar and leverage social networks for more sophisticated attacks, the goal of which will be full compromise, as opposed to marketing financial scams.
This prediction sounds like what security vendors say every year -- always warning that future attacks will become more sophisticated, without providing real detail.
Readers, are you worried about security on Facebook?
[![][7]][8]
[![][9]][10]
[![][11]][12] [![][13]][14] [![][15]][16]
![][17]
[1]: http://www.allfacebook.com/wordpress/wp-content/uploads/2011/09/ZscalerShield.jpg (ZscalerShield)
[2]: http://www.allfacebook.com/wordpress/wp-content/uploads/2011/09/ZscalerShield.jpg
[3]: http://www.allfacebook.com/facebook-warning-2011-11 (WARNING: Zeus Banking Trojan Targets Facebook Users)
[4]: http://research.zscaler.com/2011/12/2012-security-predictions.html (2012 Security Predictions )
[5]: http://www.allfacebook.com/zscaler-threatlabz-takes-on-facebook-likejacking-2011-09 (Zscaler ThreatLabZ Tackles Facebook Likejacking)
[6]: http://www.allfacebook.com/facebook-porn-attack-2011-11 (Facebook Porn Was 'Self-Inflicted JavaScript Injection')
[7]: http://feedads.g.doubleclick.net/~a/HuFXt5Pa2SHE3uQ8pwWiKgoDy-o/0/di
[8]: http://feedads.g.doubleclick.net/~a/HuFXt5Pa2SHE3uQ8pwWiKgoDy-o/0/da
[9]: http://feedads.g.doubleclick.net/~a/HuFXt5Pa2SHE3uQ8pwWiKgoDy-o/1/di
[10]: http://feedads.g.doubleclick.net/~a/HuFXt5Pa2SHE3uQ8pwWiKgoDy-o/1/da
[11]: http://feeds.feedburner.com/~ff/allfacebook?d=pnQdOprp5To
[12]: http://feeds.feedburner.com/~ff/allfacebook?a=wi03v7Mfh2Q:bTRkhiPGuFc:pnQdOprp5To
[13]: http://feeds.feedburner.com/~ff/allfacebook?d=qj6IDK7rITs
[14]: http://feeds.feedburner.com/~ff/allfacebook?a=wi03v7Mfh2Q:bTRkhiPGuFc:qj6IDK7rITs
[15]: http://feeds.feedburner.com/~ff/allfacebook?i=wi03v7Mfh2Q:bTRkhiPGuFc:gIN9vFwOqvQ
[16]: http://feeds.feedburner.com/~ff/allfacebook?a=wi03v7Mfh2Q:bTRkhiPGuFc:gIN9vFwOqvQ
[17]: http://feeds.feedburner.com/~r/allfacebook/~4/wi03v7Mfh2Q
URL: http://feedproxy.google.com/~r/allfacebook/~3/wi03v7Mfh2Q/facebook-attacks-warning-2011-12
No comments:
Post a Comment