Dark Reading
Protect The Business - Enable Access
Do more than just cursory scans. Develop
a holistic approach to app security.
Find out how!
Learn to take the ambiguity out of managing IT so you can guide your business forward.
Download now!
Use these tips from Gartner to identify the EPP solution that best suits your business.
Download now!
Topics: Hacked Off
Alert: Disposable Facebook Apps Installing Adware
Just like throwaway domains on the wider Internet, it seems like criminals now use throwaway applications on Facebook. They bring one app online to lure users and potentially infect them, and by the time one is taken down by Facebook, they create yet another. By Gadi EvronDark Reading
This is yet another advance by criminals to keep up with efforts to stop them. Isn't this one a fun twist, though?
Here are a couple of URLs for the most recent attack (both now removed by Facebook security, so they are safe): >> http://apps.facebook.com/hghh_rtrt/ >> http://apps.facebook.com/llkujyh_yjgyh/
Facebook catches onto them quickly (way to go, guys!), but this is certainly interesting and calls attention once again to the security of Facebook applications.
Certainly, up until now, while there have been security risks to applications and indeed malicious applications (none of which compromised the system itself), developers have had the ability to openly and easily create a new application.
This openness has been an asset to the entire community, but, unfortunately, when a society grows and criminal elements present themselves, systems sometimes can't scale. Some freedoms have to go if the system itself is to survive. Don't jump at my throat yet; I am not against First Amendment rights -- quite the contrary. However, I am FOR maintaining the infrastructure, which First Amendment rights activists use to argue if I do the right thing defending them.
Stricter control over application approval is called for, and I feel assured Facebook is up to the task. Unlike with its privacy policy (which I am worried about), the company hasn't failed us with its security efforts. It is, in fact, doing a great job -- especially considering what it is facing in securing one of the biggest hornet's nests of security threats on the Internet. I have full confidence in its security team, and especially with those who work with the community on a daily basis: Ryan McGeehan, Alex Rice, and the most recent addition, Nick Bilogorskiy.
Follow Gadi Evron on Twitter: http://twitter.com/gadievron.
Gadi Evron is an independent security strategist based in Israel. Special to Dark Reading.
 |
To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy. |
Subscribe to RSSHow To Spot A Fake Facebook Profile
FDIC Warns Of 'High Risk' Payment Processors
More Than Half Of Cyberattacks Come From Asia
MORE KEYHOLE
