RT News

Tuesday, March 03, 2009

Facebook users 'at risk' as hackers target site

Mike Harvey, Technology Correspondent, in San Francisco

Facebook users are at risk from malicious hackers targeting the site, online security experts warned.

Account holders have been hit by several different hacking attempts in the last week, as thieves try to capitalise on the trust users place in the service.

Rik Ferguson, senior security adviser at Trend Micro, said that Facebook, which has more than 174 million active users worldwide, had been hit by four separate "rogue applications" and a virus targeted at users of the site.

Hackers are now seeking to take advantage of the popularity of social networks like Facebook and MySpace to get users to divulge personal details, he added.

Facebook allows people to develop and write software applications that run on the site, but those applications do not need to be approved by Facebook before they are made available for people to install. Mr Ferguson called for Facebook to review its security processes.

"I think that it is time Facebook had a review of its application vetting policy. It launched a service in November last year where people can pay to get their applications approved, but it is voluntary," he said.

According to Mr Ferguson, the rogue applications included "Error Check System" and "Facebook Closing Down", which sent messages to users' profiles saying, for example, that a friend had reported a violation or had a problem contacting them.

The Error Check System rogue application warned users that their friends had been unable to see their profile and contained a link to enable the user to view an “error message”. Clicking on the link only served to forward the same warning messages to all of the friends in a user’s social network.

Such an application could give hackers the opportunity to steal personal information contained in the users' profiles, Mr Ferguson warned. The programs appeared to be test runs, with the next stage potentially proving more dangerous.

Mr Ferguson said: "It looks like this is a proof of concept. They did not appear to do anything malicious other than spread themselves extremely fast and well. Now they have worked out how to do it, we would expect to see more and more malicious applications."

A variant of the Koobface virus, which first appeared on social networking sites last December, added to Facebook's problems, Mr Ferguson said.

The new variant uses a Facebook message to try to get people to visit a fake YouTube page and install the malware. To make it look more plausible, said Mr Ferguson, the virus posts the image from a Facebook member's profile on the video page.

"The worm connects to a respective site using login credentials stored in the gathered cookies. It then searches for an infected user’s friends, who are then sent messages containing a link where a copy of the worm is downloaded. It also sends and receives information from an infected machine by connecting to several servers. This allows hackers to execute commands on the affected machine," Mr Ferguson wrote in a blog post.

Mr Ferguson advised people to be careful about the information they made available on Facebook. Profiles should be set to private and not contain any details beyond what is absolutely necessary. "Be very careful and do not click on any strange notifications," he said. "If you receive a notification that looks suspicious do not open it."

Graham Cluley, senior technology consultant at anti-virus software developers Sophos, wrote in a blog post: "One of the problems is that Facebook allows anybody to write an application and third party applications are not vetted before they are released to the public."

A Facebook spokesman said: “We’ve tried to make the process of building on the Facebook Platform relatively easy in order to stimulate innovation – and to allow the kid in a college dorm room to compete against the big corporation. We’ve also built security into the platform by preventing any app from accessing sensitive information like contact info.

"The vast majority of Facebook applications create unique and significant value for our users and do not seek to do anything nefarious with the limited information they can access when users authorize them. That said, we have a dedicated Developer Operations team that’s responsible for investigating applications that show anomalous activity, or that are reported to us by our users.

"This team contacts developers to enforce our policies, either by placing restrictions on the application or by disabling it entirely. In this case, we responded quickly to user reports and disabled the application before too many people were affected. Other instances of developers abusing the system are rare.

"Our developer community has more than 660,000 developers, which is about the population of Baltimore. The drastic measures others have suggested are akin to saying, “there have been two robberies, we need to implement martial law in the city”."
