Facebook Blogged

Facebook, Users Susceptible To Cyber Attack

Facebook once again faces the very real possibility of being attacked by cyber criminals. The U.S. Computer Emergency Readiness Team posted a bulletin on Monday warning users of critical vulnerabilities in an ActiveX control that provides the ability to upload photographs, used by popular social networking sites.

Specifically, the ActiveX control allows users to upload images from the Internet Explorer Web browser. The control contains multiple stack buffer overflow vulnerabilities in several of its properties, including Action, ExtractExif, and ExtractIptc, and testing has thus far shown that versions up to and including 5.0.30 could be susceptible. The vulnerabilities directly affect users running IE on a Windows platform, which automatically comes equipped with the ActiveX control.

If exploited, the errors in the Image Uploader could potentially allow a remote attacker to execute malicious code and completely take over a user's machine. Attackers could lure Facebook users running IE on their PCs to a Web page, or send them an HTML attachment, that carries malicious code. A hacker could then turn the user's computer into a bot or shut down the system completely in a denial of service attack, security experts say.

In its review of the year, MessageLabs noted that websites such as Facebook, LinkedIn and Plaxo presented rich pickings for identity thieves looking to gather personal information.

As the same company warned in November, scammers are now researching their targets and attempting to lure them to infected websites that will download invasive code to their personal computers. MessageLabs tracked several attacks on senior executives, including one aimed at 1,000 individuals in the finance sector during November 2007. During the year, MessageLabs identified an average of 1,253 new websites per day that harbored malware, equating to nearly half a million new malicious sites. It also found that social networking tools were the third most common trigger of its web security filtering rules.

As the MySpace Trojan indicates, malware attacks are becoming increasingly sophisticated. In Finjan's annual report, chief technology officer Yuval Ben-Itzhak warned of "Trojan 2.0" attacks that would exploit new web technologies such as social networks, blogs, RSS feeds and so-called "mash-ups". Hackers are getting paid according to the number of users they infect, so their main motivation is to develop attacks that go undetected for as long as possible. This development has spawned new techniques to evade signature-based and database-reliant security methods, he explained. For example, Finjan recently identified a Trojan it named Random JS Toolkit, which changes every time it is accessed from an infected website, making it extremely difficult to block. These Trojan 2.0 attacks represent a quantum leap for hackers in terms of technological sophistication, and pose a serious challenge to the IT community.
