Tag Archives: Facebook

China Censors Facebook.net, Blocks Sites With “Like” Buttons

April 28, 2015

Chinese government censors at the helm of the “Great Firewall of China” appear to have errantly blocked Chinese Web surfers from visiting pages that call out to connect.facebook.net, a resource used by Facebook’s “like” buttons. While the apparent screw-up was quickly fixed, the block was cached by many Chinese networks — effectively preventing millions of Chinese Web surfers from visiting a huge number of sites that are not normally censored.

Android Botnet Targets Middle East Banks

April 2, 2014

22 Comments

I recently encountered a botnet targeting Android smartphone users who bank at financial institutions in the Middle East. The crude yet remarkably effective mobile bot that powers this whole operation comes disguised as one of several online banking apps, has infected more than 2,700 phones, and has intercepted at least 28,000 text messages.

How Many Zero-Days Hit You Today?

December 5, 2013

52 Comments

On any given day, nation-states and criminal hackers have access to an entire arsenal of zero-day vulnerabilities — undocumented and unpatched software flaws that can be used to silently slip past most organizations’ cyber defenses, new research suggests. That sobering conclusion comes amid mounting evidence that thieves and cyberspies are ramping up spending to acquire and stockpile these digital armaments.

Spam-Friendly Registrar ‘Dynamic Dolphin’ Shuttered

November 25, 2013

24 Comments

The organization that oversees the Internet domain name registration industry last week revoked the charter of Dynamic Dolphin, a registrar that has long been closely associated with spam and cybercrime.

Facebook Warns Users After Adobe Breach

November 11, 2013

60 Comments

Facebook is mining data leaked from the recent breach at Adobe in an effort to help its users better secure their accounts. Facebook users who used the same email and password combinations at both Facebook and Adobe’s site are being asked to change their password and to answer some additional security questions.

‘Yahoo Boys’ Have 419 Facebook Friends

September 11, 2013

84 Comments

Earlier this week, I wrote about an online data theft service that got hacked. That compromise exposed a user base of most young Nigerian men apparently engaged in an array of cybercrime activities — mainly online dating scams and 419 schemes. It turned out that many of these guys signed up for the data theft service using the same email address they used to register their Facebook accounts. Today’s post looks at the social networks between and among these individuals.

The Value of a Hacked Email Account

June 10, 2013

76 Comments

One of the most-viewed stories on this site is a blog post+graphic that I put together last year to illustrate the ways that bad guys can monetize hacked computers. But just as folks who don’t bank online or store sensitive data on their PCs often have trouble understanding why someone would want to hack into their systems, many people do not fully realize how much they have invested in their email accounts until those accounts are in the hands of cyber thieves.

Krebs, KrebsOnSecurity, As Malware Memes

May 22, 2013

43 Comments

Hardly a week goes by when I don’t hear from some malware researcher or reader who’s discovered what appears to be a new sample of malicious software or nasty link that invokes this author’s name or the name of this blog. I’ve compiled this post to document a few of these examples, some of which are quite funny.

Critical Security Updates for Adobe Reader, Java

February 20, 2013

26 Comments

Adobe and Oracle each released updates to fix critical security holes in their software. Adobe’s patch plugs two zero-day holes that hackers have been using to break into computers via Adobe Reader and Acrobat. Separately, Oracle issued updates to correct at least five security issues with Java.

The Java update comes amid revelations by Apple, Facebook and Twitter that employees at these organizations were hacked using exploits that attacked Java vulnerabilities on Mac and Windows machines. According to Bloomberg News, at least 40 companies were targeted in malware attacks linked to an Eastern European gang of hackers that has been trying to steal corporate secrets.

Facebook, Yahoo Fix Valuable $ecurity Hole$

January 9, 2013

3 Comments

Both Facebook and Yahoo! recently fixed security holes that let hackers hijack user accounts. Interestingly, access to methods for exploiting both of the flaws appears to have been sold by the same miscreant in the cybercrime underground.