Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Executable code danger in Facebook user walls

Sophos : 08 August, 2008  (Technical Article)
Posts on user walls on Facebook could contain links to sites containing malware in the form of executable code warns Sophos
IT security and control firm Sophos is warning users of Facebook to exercise caution when clicking on links in wall posts, following an attempt by hackers to infect computers by spreading messages containing malicious links on the popular social networking website.

Messages left on Facebook users' walls are urging members to view a video (which pretends to be hosted on a Google website), but clicking on the link and visiting the webpage actually takes users to a site which asks them to download an executable to watch the movie. Sophos warns that the dangerous Facebook messages include a link to a third party website.

The executable file, detected by Sophos as the Troj/Dloadr-BPL Trojan horse, then downloads further malicious code (detected as Troj/Agent-HJX), and displays an innocent image of a court jester sticking his tongue out.

'People have got to learn that clicking on links in messages can lead to a malware infection, whether the messages are in your email or on a site like Facebook. There has been a flurry of malicious emails recently posing as links to videos - so there's really no excuse not to know that this trick is being commonly used by hackers at the moment,' said Graham Cluley, senior technology consultant for Sophos. 'Companies will once again be considering whether it's time to block Facebook in the workplace - not just for the usual productivity reasons, but because of the security threats that sites like this may pose to their organisation.'

Sophos experts believe that businesses need to set policies regarding Facebook usage, and implement web security solutions, to prevent dangers entering the workplace.

'Companies need to make up their own mind as to whether their users should be allowed to access websites like Facebook and MySpace during office hours. If workers are allowed access to these sites, then it's vital that they do not put their personal and corporate data at risk, and that they are fully secured against web-based infections,' explained Cluley. 'The best defence is for businesses to protect themselves with a web security and control appliance which can filter internet access and prevent the downloading of malicious code.'

Sophos recommends companies automatically update their corporate virus protection, and run a consolidated solution at their email and web gateways to defend against viruses and spam.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo