Posted by Virus Bulletin on Jan 8, 2008
Storm ecards and social site spyware mark unsurprising year end.
With large portions of the globe celebrating various festivals over the past few weeks, an expected upsurge in malware attacks has been seen, including the now inevitable wave of emails from the 'Storm' worm attack (which targeted most important festivals in the past year), supplemented by another outbreak of spyware on a popular social networking site.
The latest Storm wave hit first on Christmas Eve, with a somewhat belated wave of greetings cards targeting unwary celebrators. The wave quickly moved on to the new year, with subjects and URLs reflecting the seasonal message, most being some variant of 'Happy 2008', while the content promised anything but - trojans dropped via exploits adding new systems to the botnets behind the spam campaign.
Facebook, the social networking success story of 2007, saw a large number of users hit buy a nasty application posing as messages from a secret admirer, which in fact led to the installation of notorious spyware product Zango.
The app requires users to provide contact information for a group of their own 'friends' before installing to a Facebook page, and also dropping the Zango software onto the system. It then goes on to push itself on these users, leading Fortinet researchers to label it a 'social worm' in their blog entry on the outbreak, here. More comment from McAfee is here. Another Facebook threat, a phishing attempt uncovered by researchers at F-Secure, is described here.
'Both these attacks reflect the popularity of social engineering with malware authors,' said John Hawes, Technical Consultant at Virus Bulletin. 'They rely on users getting excited at the thought of social contacts, even from strangers, and ignoring usual safety precautions. Users are always going to be the weakest link in security, perhaps as these attacks become ever more commonplace people will start using their heads a little more when they are online.'