The internet is a great place to find information, but you can be assured of one thing: wherever people gather online in large numbers, there will be spammers and hackers lurking in the shadows, waiting for an opening to pounce on unsuspecting internet users.
As social media becomes a staple of legitimate promotion and marketing, it’s not surprising to see the most popular social sites fall victim to attacks from malware and spyware distributors. Two recent incidents at the popular sites Digg and Facebook have shown the lengths to which cyber-criminals will go to spread their malicious content and links to unsuspecting internet users.
Facebook Group Hijacked by Spammers
A popular Facebook group called “5,000,000 against the new version of Facebook” was recently defaced by spammers who put up advertisements on the group’s site. The advertisements were for a variety of get-rich-quick schemes (probably Clickbank hoplinks) and one was even a guide on how to seduce women (definitely a Clickbank hoplink).
“Our investigation showed a third party was involved in distributing the spam,” Facebook spokesperson Barry Schnitt told InternetNews.com by e-mail. “We’ve cleaned up the site.”
Seems like this was a well-calculated attack by the malware distributors. Instead of trying to hijack a handful of smaller, less active Facebook groups, they targeted a very popular, highly trafficked group. There’s really nothing Facebook could do about this except clean up the mess.
Digg Impregnated With Rickrolling Malware
Sean-Paul Correll, a researcher at PandaLabs, blogged about a threat to Digg users involving hackers “Rickrolling” visitors into clicking links to malware-infested sites.
Over the past few months we have noticed attacker efforts to maximize blackhat SEO tactics and increase infection rates at the same time by abusing the popular social news aggregate site, Digg.com. Digg allows users to create an account, submit, vote, and comment on news stories.
Malware distributors have been creating false stories with catchy subject lines as an attempt to bait (Rickroll) users into clicking links leading to an infection. In some cases the attackers do not create the news story themselves, rather linking to others’ relevant content.
Correll told InternetNews.com that he found 52 accounts posting news stories or comments with malicious URLs. Many of these accounts purport to be news items about celebrities, including actors Christian Bale and Alyssa Milano, singer Britney Spears and Paris Hilton.
These two latest attacks on Digg and Facebook show how social networking sites can be vulnerable to hijacking by spammers and malware vendors. It’s no reason to stop using social networking sites, but exercise a little bit of caution before clicking links that might seem suspicious. You should also have the latest spyware and malware protection installed on your computer when surfing any sites.

As you know, social networks like Facebook rely on users to enrich the experience by posting content such as pictures and video as well as links and then sharing the content with their contacts. Spam-based social networkers will go to other people’s comment threads, for instance, and chime in with links that, if clicked on, will install malware.
Digg is so much dominated by top users…it’s hard to get on the front page if you are not friends with the big fishes.
Dave
We are going to see more and more of this kind of stuff. It is too bad that the average person looking to join an online community has to add this to their list of concerns.
The internet is a great resource for info, but like you said it brings with it a lot of shady people with nothing better in life to do than to hack into different systems.
I do have the latest spyware, it was money well spent.
Thanks for sharing.
Many of my friends get infected by Rickrolling malware through Digg. But they resolve this issue and Digg is doing a clean job once again.
Awesome post! Added you to my reader a while back, have not been disappointed, keep up the great posting.
Popular websites are always in the eye of spammers. Website owners spend millions of dollars to protect their website, but still spammers find a way. That is really strange.
I wonder how many people realize this even goes on on these types of sites? These sites have become huge targets for this type of attack because of all the power they carry with backlinks, built-in traffic, etc.
As these social networking sites (i.e. Facebook, Digg) become more popular they become more of a target for abuse and spammers. Same goes with the ad programs. Take a look at the Facebook ads program, they had tons of crap in there (i.e. stimulus check scam). The good part is that they are huge and have the resources to deal with it. You can follow my blog about the Facebook ads program at adsonfacebook.wordpress.com
It’s a shame that such things are going on. I have had a few friends who have caught viruses from social networking websites. I’m always careful about where I go and what I click on the internet because I know such risks exist, but with blackhat practices on the rise it’s just a matter of time.
It just goes back to the old principle of don’t click on anything you’re not sure of.
Just found this post and wanted to add my two-pence worth. Just recently a few of my Facebook friends had their accounts attacked and the effect was this; when I logged on their Facebook IM would pop up with a message to download a free ringtone or visit to watch the latest webcam (you know the types). Unfortunately, a few of their Facebook friends didn’t question the change in their behaviour and personally attacked them by posting threatening messages on their Facebook wall.
It is a real shame that this sort of thing takes place as these guys were honest guys just looking to connect and network with people and in one day, had their Facebook reputation in tatters due to the spammers / hackers.
My advice would be to keep your details safe and change your password regularly.
Thanks for posting.
Karl
P.S. You’ve got yourself a new RSS subscriber. ;)
Karl, I knew somebody who had his MySpace account hacked a few years ago by some spammer who damaged his reputation. I think it’s really vile to spam but it’s even worse when the spammer is damaging somebody else’s reputation.
I created a url shortening service for Twitter (http://wmw.me) because I had the short .me domain and it was an easy script to write. All it does is redirect a url, so the redirected visitor ends up on the intended page anyway. It doesn’t hide anything, so I never thought a spammer would be so stupid as to use a redirected url…
Well, some stupid spammer discreetly created 1000+ redirects over a few months and then one day launched a spam session with the redirected urls. Within a few hours, I had a flood of emails and my sales rep where I have my dedicated servers called me about the spam. I shut off all the spammer’s urls but the server got hammered for a few hours and I had to spend the rest of the day coding some checks and balances into the script to prevent future attacks.
When I think of how many hours per week I spend dealing with spammers on my forums, blogs, sites and email, it makes me want to scream.
Thanks for responding Dave!
Your experience must have been truly frustrating. It’s bad enough trawling through Akismet on my blog/s to see if any genuine posts have slipped through…
Any suggestions on the best way to prevent a server-based attack?
Karl
I use the Apache httpd.conf file and iptables firewall to block problem IP ranges. The httpd.conf (can also be done with .htaccess) is great because you can limit http POST. That way you’re not blocking the IPs from viewing content, you’re only blocking them from posting (and spamming). There are several good lists available but I operate several forums and a few dozen blogs, so I just run a script to pull all the spammer IPs from the MySQL tables and create fresh ban lists on the fly. I only use the firewall as a last resort to drop any packets from offending IPs.
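The approach described in the comment above (turn logged spammer IPs into a ban list that blocks POST but not viewing), as an added example that is not part of the original thread or the commenter's own script. It assumes Apache 2.4 `Require` syntax in httpd.conf, a hypothetical never-ban allowlist, and a constructed address list standing in for the MySQL query.

```python
import ipaddress
from collections import defaultdict

# Constructed sample rows, standing in for IPs pulled from forum/blog spam tables.
SAMPLE_ROWS = ["203.0.113.7", "203.0.113.7", "203.0.113.200", "198.51.100.23",
               "not-an-ip", "2001:db8::5", "10.0.0.4"]
# Assumption: ranges that must never be banned (own admin network, loopback).
NEVER_BAN = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "127.0.0.0/8", "::1/128")]

def build_ban_networks(rows, range_threshold=2, v4_prefix=24):
    """Validate raw addresses and return a minimal sorted list of networks to ban."""
    hosts = set()
    for raw in rows:
        try:
            addr = ipaddress.ip_address(raw.strip())
        except ValueError:
            continue  # never write unvalidated database text into a server config
        if not any(addr in net for net in NEVER_BAN):
            hosts.add(addr)
    # Group IPv4 offenders by enclosing range; IPv6 stays per-address.
    by_range = defaultdict(set)
    for addr in hosts:
        prefix = v4_prefix if addr.version == 4 else 128
        by_range[ipaddress.ip_network(f"{addr}/{prefix}", strict=False)].add(addr)
    nets = []
    for net, members in by_range.items():
        if net.version == 4 and len(members) >= range_threshold:
            nets.append(net)  # several distinct offenders: ban the whole range
        else:
            nets.extend(ipaddress.ip_network(str(a)) for a in members)  # host ban
    banned = []
    for version in (4, 6):  # collapse_addresses rejects mixed IP versions
        same = [n for n in nets if n.version == version]
        banned.extend(ipaddress.collapse_addresses(same))
    return banned

def render_post_block(networks, location="/"):
    """Apache 2.4 fragment: listed networks may still read pages but cannot POST."""
    lines = [f'<Location "{location}">', "  <Limit POST>", "    <RequireAll>",
             "      Require all granted"]
    lines += [f"      Require not ip {net}" for net in networks]
    lines += ["    </RequireAll>", "  </Limit>", "</Location>"]
    return "\n".join(lines) + "\n"

if __name__ == "__main__":
    print(render_post_block(build_ban_networks(SAMPLE_ROWS)))
```

Write the fragment to a file pulled in with `Include` and run `apachectl configtest` before reloading, so a bad ban list cannot take the site down.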
Thanks Dave…
I will be looking into this to make sure I’m as protected as I need to be.
Karl
Clickbank hoplinks are the easiest to spam with because Clickbank doesn’t care and their vendors don’t care how you get traffic to them.
I have read this news somewhere before. I couldn’t believe that Facebook can allow such stuff to happen. Hope they will get a better interface to detect such activities.
Yes. Social networking sites are vulnerable to hijacking by spammers and malware vendors. But we can find some ways to prevent such hijacks.