Word is out from Trend Micro that the Koobface botnet has started a new attack on Facebook, and also a second report about it using Google Reader to spam Facebook, MySpace, Twitter and possibly other social networking sites. This attack should be seen as part of the growing threat to social networking sites without the proper type of bot detection software. Below is the Trend Micro blog on the Facebook attack, but I would also advise checking out their blog post on the wider Google Reader attack as well. The Koobface botnet has pushed out a new component that ... more

The fight against Virtual Blight has two heroes this week, TechCrunch founder and editor Michael Arrington and Facebook advertising guru Dennis Yu, who set the spammy/scammy world of incentivized lead generation scams on fire. Arrington started the ball rolling with Scamville: The Social Gaming Ecosystem of Hell, and Yu pushed the gas pedal to the floor with How To Spam Facebook Like A Pro: An Insider’s Confession. These two heroes in the fight against blight have pushed MySpace to publicly flagellate these scams and toughen up their TOC for applications and advertisers along with getting serious about enforcement. ... more

CNN ran an interesting story today on how social networking sites have been recently plagued with spam, phishing, and other online fraud. For those of us in the network security field, this is not exactly news — but stepping back a bit from such tunnel vision, we have to remember that it is indeed news to a lot of the users of such sites. So while the article itself is fairly basic and beginner-level when it comes to online security, what is interesting is that it is being presented to such a wide general-interest audience. So, for ... more

The Bahama botnet appears to be generating a massive amount of click fraud on Google, which has cost advertisers using their services up to 30 percent of their total ad dollars. That’s a stunning amount of click fraud, and a good argument for any company advertising in this fashion to set up some click fraud prevention so their advertising budget isn’t wasted. Even more disturbing is the way the click fraud scammers have evolved. Instead of the early crude generation of clicks, Bahama is now apparently using DNS poisoning to reroute Google traffic through their own site (which ... more

Yesterday brought the story of a massive phishing attack on Hotmail which resulted in at least 10,000 passwords being available online. Today, though, a researcher at ScanSafe is saying not so fast — she thinks “it’s more likely that this latest was the result of keylogging or data theft, not phishing.” If true, this would contradict what both Microsoft and Google have been claiming in public. The researcher is basing her claim on a cache of password data she found a few months ago, which is similar to the ones found recently in the news about what both ... more

A huge phishing attack on Microsoft’s Hotmail site has now apparently spread beyond the company, and is threatening Google, Yahoo, Comcast, Earthlink, and others. At least ten thousand passwords (and, by some estimates, possibly up to a million) have already been posted online, and the scope of the attack doesn’t seem to be accurately known at this point. The security breach doesn’t appear to be a problem in login protection, but rather a classic phishing attack in which the users themselves hand over their own passwords. Might be time to change all your passwords, just on general principles. ... more

I saw an interesting figure in a Google blog the other day. From the blog post (the introduction, where the figures are quoted — the rest of the post is largely on how wonderful it is that Google has acquired reCaptcha): As previously mentioned, Google has acquired reCaptcha, a company providing those hard-to-read Captcha tests to tell robots and humans apart on websites (e.g. to protect a comment form against automated spamming). The twist with the highly popular reCaptcha is that it’s also used to help turning scanned books into searchable digital text… something Google aims to apply for ... more

Google thinks it has the answer to the growing malware threat — tell ISPs to do a better job policing the net for everyone. This wouldn’t normally be funny, but one article I read which discussed the comments started out with the following: As if to underscore its call for greater industry cooperation to fight malicious online ads and content, Google allowed a scam ad to appear briefly atop search results on Tuesday for the term “Firefox.” The sponsored link purported to take Google searchers to the official Firefox Web site, but in fact took them to a different ... more

In a fairly stunning development, it was recently announced that Google is acquiring ReCAPTCHA, Inc. ReCAPTCHA, of course, is a spinoff from Carnegie Mellon University, begun by the man behind the CAPTCHA concept, Linus von Ahn. While CAPTCHA technology has been around for awhile, reCAPTCHA at least used the annoying little “type this text warped beyond any recognition” idea to do some societal good — by editing scanned archaic books for library and research purposes. CAPTCHAs have raised quite a bit of ire online, as any quick blog search will verify. This is because they tend to ... more

The Koobface worm has a new trick up its sleeve: click fraud. Malware, of course, changes frequently to utilize botnets for all sorts of scams and schemes, but this appears to be new ground for the enormous Koobface botnet. By hijacking the results of a Google search, it redirects the links to point to unrelated advertising sites. Koobface itself hasn’t changed how it spreads (largely through social networking sites), or how it infects computers, but the botnet has obviously found a new way to make money. The creators of the worm are also getting a little more ... more