Don’t click on ‘Paramore n-a-k-ed photo leaked!’ Facebook link
June 5, 2010 by admin
Filed under Security News
Updated Many Facebook users are being hit by further clickjacking attacks today, taking advantage of the social network’s “Like” facility.
The latest lure is a link which claims to point to a website containing a naked photo of Hayley Williams, the lead singer of the American rock band Paramore.
Affected profiles can be identified by seeing that the Facebook user has apparently “liked” a link:
Paramore n-a-k-ed photo leaked!
The fact that 21-year-old Hayley Williams has recently been the subject of much internet interest after a topless photo of her was leaked online, is only likely to fuel interest in the naked pictures promised by these links. But take care, because all may not be what it seems.
Clicking on the links takes Facebook users to a third-party website which displays a message saying:
Click here to continue if you are 18 years of age or above
What the hackers have actually done is very sneaky. They have hidden an invisible button under your mouse, so wherever you click on the website your mouse-press is hijacked. As a consequence, when you click with the mouse you’re also secretly clicking on a button which tells Facebook that you ‘like’ the webpage. This then gets published on your own Facebook page, and shared with your online friends, resulting in the link spreading virally.
Attacks like this can spread very very fast. Judging by the number of messages I’ve seen, thousands have already found it impossible to resist the idea of seeing the lead singer of Paramore naked and have fallen head-first into the “likejacking” trap.
This use of a clickjacking exploit to publish the same message (via an invisible iFrame) to the visiting user’s own Facebook page works in a similar fashion to the clickjacking attacks we saw earlier this week.
Twitter compromised, DNS hijacking to blame
December 18, 2009 by admin
Filed under Security News
A couple of hours ago, Twitter web site appeared to be defaced by someone called “Iranian Cyber Army”. The situation was fixed and as it turned out, hack was a result of DNS hijacking.
Initial message from the official Twitter account:
Twitter’s DNS records were temporarily compromised but have now been fixed. We will update with more information soon.
Twitter’s blog post that followed:
As we tweeted a bit ago, Twitter’s DNS records were temporarily compromised tonight but have now been fixed. As some noticed, Twitter.com was redirected for a while but API and platform applications were working. We will update with more information and details once we’ve investigated more fully.
Source : www.net-security.org
Godfather of spam jailed for four years
November 26, 2009 by admin
Filed under Security News
Alan Ralsky, the so-called “Godfather of spam”, has been sentenced to four years in jail for his role in a stock fraud scheme that earned him $2.7 million during the summer of 2005.
SmitFraudFix (Desktop Hijack Malware Removal) (WinXP, Win2K)
September 29, 2009 by admin
Filed under Removal Tips,Tools and Videos
This tool removes Desktop Hijack malware: Advanced Antivirus, Advanced Virus Remover, AdwarePunisher, AdwareSheriff, AlphaCleaner, AntiSpyCheck, AntiSpyware Expert, Antispyware Soldier, AntiVermeans, AntiVermins, AntiVerminser, AntiVirGear, Antivirus 2009, Antivirus 2010, Antivirus 360, AntiVirus Lab 2009, Antivirus Master, Antivirus Sentry, Antivirus System Pro, Antivirus XP 2008, AntivirusGolden, AV Antispyware, AVGold, Awola, BraveSentry, Coreguard Antivirus, Extra Antivirus, HomeAntivirus 2009, IE Defender, IE-Security, Internet Antivirus, Malware Defender 2009, MalwareCrush, MalwareWipe, MalwareWiped, MalwaresWipeds, MalwareWipePro, MalwareWiper, Micro Antivirus 2009, MS AntiSpyware 2009, MS Antivirus, PC Protection Center 2008, Personal Defender 2009, PestCapture, PestTrap, Power Antivirus, Power-Antivirus-2009, PSGuard, quicknavigate.com, RegistryFox, Registry Cleaner, Renus 2008, Security iGuard, Smart Antivirus 2009, Smitfraud, SmitFraudFixTool, Spy Protector, SpyAxe, SpyCrush, SpyDown, SpyFalcon, SpyGuard, SpyHeal, SpyHeals, SpyLocked, SpyMarshal, SpySheriff, SpySoldier, Spyware Guard 2008, Spyware Protect 2009, Spyware Vanisher, Spyware Soft Stop, SpywareLocked, SpywareQuake, SpywareKnight, SpywareRemover, SpywareSheriff, SpywareStrike, Startsearches.net, System Antivirus 2008, System Guard 2009, TheSpyBot, TitanShield Antispyware, Total Protect 2009, Total Secure 2009, Trust Cleaner, Ultimate Antivirus 2008, UpdateSearches.com, UnVirex, Virtual Maid, Virus Heat, Virus Protect, Virus Protect Pro, VirusBlast, VirusBurst, VirusRay, Virus Remover 2008, Virus Shield, VirusResponse Lab 2009, VirusTrigger, Win32.puper, WinHound, WinPC Defender, WiniBlueSoft, Vista Antivirus 2008, WinDefender 2009, XLG Security Center, XP Deluxe Protector, XP Security Center, XPert Antivirus, XP Police Antivirus, Brain Codec, ChristmasPorn, DirectAccess, DirectVideo, EliteCodec, eMedia Codec, EZVideo, FreeVideo, Gold Codec, HQ Codec, iCodecPack, IECodec, iMediaCodec, Image ActiveX Object, Image Add-on, IntCodec, iVideoCodec, JPEG Encoder, Key Generator, LookForPorn, Media-Codec, MediaCodec, MMediaCodec, MovieCommander, MPCODEC, My Pass Generator, NetProject, Online Image Add-on, Online Video Add-on, PCODEC, Perfect Codec, PowerCodec, PornPass Manager, PornMag Pass, Pornovid, PrivateVideo, QualityCodec, Silver Codec, SearchPorn, SexVid, SiteEntry, SiteTicket, SoftCodec, strCodec, Super Codec, TrueCodec, VideoAccess, VideoBox, VidCodecs, Video Access ActiveX Object, Video ActiveX Object, Video Add-on, VideoCompressionCodec, VideoKeyCodec, VideosCodec, WinAntiSpyPro, WinMediaCodec, X Password Generator, X Password Manager, ZipCodec, WinCoDecPRO…
