Alas, another day, another Facebook security alert.

As soon as you install this malware, it will tag every single one of your friends in a photo in batches of about 20. It then posts that photo to your wall.

This is what the photo looks like:

If a Friend looking through the photos then clicks on the app’s  link, they’ll see this:

If you have a lot of friends, you might end up with a series of albums like this:

Apart from the wall spamming, another obvious indication that this is a virus itself, is the url:

http://apps.facebook.com/kxetyegpgkxdwfy/

A valid application is not going to have a url with a bunch of jumbled letters at the end.

If you have been tagged in  the photo by one of your friends (remember, they did not really do this – the app did automatically), you can remove the tag.

1. Open your photos
2. Click the offending picture
3. Look for your name in the list of people tagged
4. Click the ‘Remove Tag’ link that appears beside your name

The photo will then automatically be removed from your photo list.

Source:

http://www.f-secure.com/weblog/archives/00001920.html

http://thefacebookinsider.com/2010/03/warning-facebook-antivirus-will-virally-spam-your-friends/

Steganography is the means of “hiding” information within a larger file of data It poses a risk to ecommerce security because it allows data or malicious programming instructions to be hidden in other media. In the case of the former, malicious insiders (i.e. employees, contractors, etc) with access to customers financial data may improperly access that data and use steganography to forward it to their accomplices without being detected. In the case of the latter, hackers can embed malicious code in other files, such as images, audio and video files. These files can be forwarded to users as spam or made available via web sites and peer-to-peer networks in the guise of items that would attract the interest of web surfers.

Digital steganography requires special software and organizations involved in ecommerce can mitigate the risk of insiders using steganography to steal customer data by controlling the applications that can be installed on employee workstations. Network and Host-based Intrusion Detection Systems can also be used to detect unusually behavior. User education and awareness training can help make users more aware of the risk posed by downloading files from the Internet. Users can also be trained to verify the origin and authenticity of files using the hash files before downloading them.

If one suspects his/her financial information has been compromised by any means, including steganography, one should immediately communicate the fact to all affected financial institutions and close the affected accounts. Keeping an updated antivirus provides some level of protection however antivirus is ineffective against malware whose signature hasn’t been provided by the vendor. Often times, it is nearly impossible to detect ecommerce-based attacks until after the fact. It is important to closely monitor your accounts for unusual activities to be able to respond as quickly as possible

Below you have a few copies of Hakin9 that you can download for free from the Hakin9 web site.  On the same page as the magazine you will also find dozens of great articles that you can look at.  They are all in PDF Format.

All that is required to access the downloads is to join their mailing list.  You will immediately receive through email a confirmation link with instruction on how to access the files.  Do read the past issues, you will see that coverage is very thorough and most of the content would still be applicable today with minor changes.  Hakin9 is a magazine that I like very much and it always contains great articles and howto.  The printed magazine comes with a bootable version of Backtrack plus many commercial utilities with license to use.  The best way to really appreciate if it is for you or not is by downloading some of the copies below and see for yourself.

MY ERP GOT HACKED!  Release Date: 2009-07

FREE ISSUE: My ERP Got hacked! 04/2009  Download pdf

Breaking Client-Side Certificate Protection   Release Date: 2009-03

The Real World Clickjacking  Release Date: 2009-02

Hacking Instant Messenger    Release Date: 2001-01

FREE ISSUE: Hacking Instant Messenger 01/2009  Download pdf

Is your banking practices putting your business at risk? Protect your small business accounts from cybercriminals. The Wall Street Journal offers the following suggestions for small businesses seeking to ward off an attack:

Defend your Computer

Hackers often take aim at small firms’ computers because they are easier to infiltrate than banks’ systems. One common mode of attack is to send a “spear phishing” email containing an infected file or a link to a malicious Web site to employees with access to the firm’s financial accounts. Once the employee opens the attachment or goes to the Web site, malware is installed on the computer that allows criminals to access banking logins and passwords. While up-to-date antivirus software offers substantial protection against malware, it isn’t 100% effective.

Accessing your bank account through a computer that isn’t used for anything else—no email or Web surfing—and isn’t connected to the local network offers strong protection, says William Nelson, president of the Financial Services Information Sharing and Analysis Center, an industry group that collects and shares threat data.

Another option is to use an obscure computer operating system such as Ubuntu or Web browser such as Opera because attackers rarely create malware for them, security experts say.

If you use Microsoft Corp.’s Internet Explorer browser, make sure you have the latest version, IE 8, which includes security features to help prevent attacks. Consider using Explorer in “protected mode,” which restricts files that try to install on a computer without the user’s consent, and set your “Internet zone security” to “high,” which disables some of Explorer’s less-secure features, according to Microsoft.

Protect your Accounts

Ask your bank to set up “dual controls” on your account so that each transaction requires the approval of two people—a good guard against fraud, security experts say. Establish a daily limit on how much money can be transferred out of your account, and require that all transfers be prescheduled by phone or confirmed via phone call or text message. If possible, impose restrictions on adding new payees, security experts say.

Check bank balances and scheduled payments at the end of every workday, rather than the beginning, and immediately contact your bank if anything is amiss. Banks use the Automated Clearing House system to transfer funds to payees’ banks. These transfers usually aren’t paid until the next morning, so timely action could halt the completion of a fraudulent transaction, Mr. Nelson says.

Shop for a Bank

Review your agreement with your bank and know what rights you may be waiving by not using certain security measures. While agreements between banks and commercial customers typically absolve banks of responsibility for fraud losses, the bank down the street may offer better protections, so shop around. Also, consider adding insurance coverage for fraud losses.

Many banks, concerned about damage to customer relationships, have stepped up their defenses against cyberattacks, rolled out new protections for customers and begun sharing more threat information with each other and law enforcement, Mr. Nelson says.

An emerging motivator may be a growing number of lawsuits by small companies claiming their banks didn’t have “commercially reasonable” security.

A judge in a closely watched case involving a self-employed couple’s personal and commercial accounts said in refusing to grant a summary judgment that a jury might find fault with the adequacy of the bank’s defenses, which the plaintiffs argued weren’t state of the art at the time of the theft. The case—Shames-Yeakel vs. Citizens Financial Bank—was settled in late December under confidential terms. The plaintiff’s lawyer, John Soumilas of Francis & Mailman PC in Philadelphia, says he pursued the case as one of consumer-identify theft, where protections are ample.

Still, David D. Johnson, a digital-media lawyer at Jeffer, Mangels, Butler & Marmaro LLP in Los Angeles who wasn’t involved in the case, says the judge’s action suggests that “a bank can’t simply rest on its laurels, on its security measures that worked last year,” and avoid liability. The judge declined to comment, and Citizens Financial didn’t return a call for comment.

Reach Out

Connect with law-enforcement agencies before an incident occurs, suggests Mr. Henry. He says small businesses should consider joining the FBI’s InfraGard, a group of businesses, academic institutions and state and local law-enforcement agencies that seek to ward off cyberattacks and other threats by sharing information and intelligence.

He also urges companies to report all computer crimes immediately to the FBI. The agency has relationships with law-enforcement organizations around the world that are starting to bear fruit, he says, pointing to the recent arrest of 120 people tied to Romanian groups that allegedly stole money from U.S. companies and citizens.

“In the cases where we have put hands on somebody, it was the result of a victim company raising their hand and saying this happened,” Mr. Henry says. “If they hit you today, they’re hitting the guy down the street tomorrow.”

Panda Security has released the following advisory:

In the last 24 hours, PandaLabs has detected the massive propagation among Facebook users of a fake virus alert. The truth is, this is just another attempt to infect users with fake antivirus programs.

The fake warning is distributed via email and users are forwarding it or publishing it on Facebook walls, thereby further spreading the hoax. The text of the fake warning reads as follows:

ALERT Has your facebook been running slow lately? Go to “Settings” and select “application settings”, change the dropdown box to “added to profile”. If you see one in there called “un named app” delete it… Its an internal spybot. Pass it on. about a minute ago….i checked and it was on mine.

There is no associated link, but if users search the Web for more information, they will encounter numerous malicious websites designed to download fake antiviruses.

There has been many predictions in the security circles that security in the social networks will pose a significant problem 2010. It’s still January but this isn’t promising. An encouraging sign, however, is that the owners of Facebook is is taking notice and trying to help mitigate some of the risk. On January 13, Facebook announced a year-long partnership with McAfee to offer all 350 million people who use Facebook the ability to download a six-month subscription to McAfee security software at no cost, along with a special discount once the six months are over. Good for them…and You.

Source: http://www.pandasecurity.com/homeusers/media/press-releases/viewnews?noticia=10045