Facebook is failing to meet the burden of securing itself, security chief says

Facebook Chief Security Officer Alex Stamos. (credit: Dave Maass)

Facebook is failing to live up to the responsibility it faces for adequately securing the vast amount of personal information it amasses, the social network's top security executive said in a leaked phone call with company employees.

"The threats that we are facing have increased significantly and the quality of the adversaries that we are facing," Facebook Chief Security Officer Alex Stamos said during a taped call, which was reported Thursday by ZDNet. "Both technically and from a cultural perspective, I don't feel like we have caught up with our responsibility."

He continued:


McAfee Labs: Faceliker Surge Manipulates Facebook “Likes” to Promote News, Other Content

Criminals excel in manipulating the trust within human relationships, particularly as individuals project themselves into digital realms such as social media. We see it in phishing messages, which fool us into clicking on a malicious weblink from what appears to be a benign organization with which we do business. We also see it in the much discussed area of “fake news” on social networks, where readers are likely to take news reports “liked” by friends as legitimate news stories. Much has been written about how “fake news” is promoted by bots and other amplification services, and how such promotion may have had an impact on recent elections.

The McAfee Labs Threats Report: September 2017, released today, identifies a notable surge in similar activity by the Faceliker malware. This Trojan manipulates clicks made from Facebook accounts to artificially "like" certain content. Faceliker accounted for about 8.9% of the 52 million new malware samples detected in the quarter, and was a key driver of the category's 67% overall growth during the period.

Faceliker is not the fault of Facebook. Rather, it is something users bring to Facebook.

Faceliker infects users’ browsers when they visit malicious or compromised websites. It then hijacks their Facebook account clicks in such a way that users think they are liking one thing, but the malware is redirecting the click. It acts on their behalf to click another “like” button without their knowledge or consent, essentially making each user an accomplice in the click fraud scheme.

Users aren’t negatively impacted by the Trojan, but they do appear to over-like certain content, skewing like-ratings through fraudulent inflation. The actors behind malware such as Faceliker sell their services to the actors behind the content.

Suspicious users can remove unrecognized likes by surveying their record of behavior in their activity log. To its credit, Facebook has put up defenses that detect fraudulent likes and ask a user to confirm that they intended to click as their browser appeared to click.

McAfee Labs Vice President Vincent Weafer has commented that as long as there is profit in such efforts, we should expect to see more such schemes in the future.

“Faceliker leverages and manipulates the social media and app-based communications we increasingly use today,” Weafer said. “By making apps or news articles appear more popular, accepted, and legitimate among friends, unknown actors can covertly influence the way we perceive value and even truth.”

Please see more threat statistics and trends analysis in this quarter’s report and follow us on Twitter at @McAfee_Labs.

The post McAfee Labs: Faceliker Surge Manipulates Facebook “Likes” to Promote News, Other Content appeared first on McAfee Blogs.

Locky ransomware uses decoy image files to ambush Facebook, LinkedIn accounts

(credit: Aurich Lawson)

A low-tech but cunning malware program is worrying security researchers after it started spreading rapidly in the past week through a new attack vector: by forcibly exploiting vulnerabilities in Facebook and LinkedIn.

According to the Israeli security firm Check Point, security flaws in the two social networks allow a maliciously coded image file to download itself to a user's computer. Users who notice the download, and who then access the file, cause malicious code to install "Locky" ransomware onto their computers.

Locky has been around since early this year. It encrypts victims' files and demands a payment of around half a bitcoin (currently £294; $365) for the key. Previously it had relied on malicious macros in Word documents delivered by spam e-mail, but Check Point says that in the past week there has been a "massive spread of the Locky ransomware via social media, particularly in its Facebook-based campaign."
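The practical check that follows from the Check Point account is simple: a file that arrives with an image name does not have to contain an image, and the victim's mistake is opening it on the strength of the extension. The following is an added example, not code from Ars Technica or Check Point, and it does not reproduce the specific file trick Check Point reported; it shows the generic triage a download handler or mail gateway can do before anyone double-clicks. The magic-byte signatures are the standard ones for each format; every filename and byte string fed to it is constructed for the demonstration.

```python
import os

# Added example (not from the article or from Check Point). The signatures are
# the standard leading bytes of each format; inputs in the usage below are constructed.

IMAGE_SIGNATURES = {
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".gif": (b"GIF87a", b"GIF89a"),
    ".bmp": (b"BM",),
}

# Formats that render as images but may carry script or other active content.
SCRIPTABLE_IMAGE_EXTENSIONS = {".svg", ".svgz"}

# Containers an attacker might hide behind an image-looking filename.
SUSPICIOUS_SIGNATURES = (
    (b"MZ", "Windows PE executable"),
    (b"PK\x03\x04", "ZIP or Office Open XML archive"),
    (b"\x7fELF", "ELF executable"),
    (b"%PDF", "PDF document"),
)


def classify_download(filename: str, data: bytes) -> dict:
    """Return {'verdict': 'ok' | 'suspicious', 'reason': str} for a downloaded file.

    The decision is made from the bytes, not the name: the name is only used to
    decide which signature the bytes ought to match.
    """
    base, ext = os.path.splitext(filename)
    ext = ext.lower()
    inner_ext = os.path.splitext(base)[1].lower()
    head = data[:16]

    # "photo.jpg.hta": the visible part of the name suggests an image, the real
    # extension (the one the OS acts on) does not.
    if inner_ext in IMAGE_SIGNATURES and ext not in IMAGE_SIGNATURES:
        return {"verdict": "suspicious",
                "reason": f"double extension: looks like {inner_ext} but is really {ext}"}

    # SVG is XML and may embed <script> or event handlers; treat those as active content.
    if ext in SCRIPTABLE_IMAGE_EXTENSIONS:
        lowered = data[:4096].lower()
        if b"<script" in lowered or b"onload=" in lowered or b"javascript:" in lowered:
            return {"verdict": "suspicious", "reason": f"{ext} contains active content"}
        return {"verdict": "ok", "reason": f"{ext} without script markers"}

    if ext not in IMAGE_SIGNATURES:
        return {"verdict": "suspicious", "reason": f"not an image extension: {ext or '(none)'}"}

    if any(head.startswith(sig) for sig in IMAGE_SIGNATURES[ext]):
        return {"verdict": "ok", "reason": f"{ext} signature matches"}

    for sig, label in SUSPICIOUS_SIGNATURES:
        if head.startswith(sig):
            return {"verdict": "suspicious", "reason": f"{ext} name but {label} content"}
    return {"verdict": "suspicious", "reason": f"{ext} name but unrecognised content"}


if __name__ == "__main__":
    # Constructed samples: a real JPEG header, a PE header under a .jpg name,
    # a double extension, and an SVG carrying an onload handler.
    for name, blob in [
        ("cat.jpg", b"\xff\xd8\xff\xe0\x00\x10JFIF"),
        ("cat.jpg", b"MZ\x90\x00\x03"),
        ("photo.jpg.hta", b"<html><script>"),
        ("logo.svg", b'<svg xmlns="http://www.w3.org/2000/svg" onload="alert(1)"/>'),
    ]:
        print(name, classify_download(name, blob))
```

The point of ordering the checks this way is that the real extension is examined first (that is what the operating system will hand the file to), then the body is checked against what the name promises. A plain "is the extension .jpg" filter passes the second and third samples; the byte check does not.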


Mark Zuckerberg’s Twitter, Pinterest accounts compromised

Facebook denies hack of Zuck’s Instagram; LinkedIn 2012 password dump fingered.

A hacker or hacking group going by the name of "OurMine Team" briefly took control of Facebook chief Mark Zuckerberg's Twitter and Pinterest accounts, apparently using information from a major LinkedIn security breach that occurred in 2012.

According to OurMine Team, the passwords to Zuckerberg's little-used Pinterest and totally dormant Twitter accounts were apparently the same as those for his LinkedIn login ("dadada"). Both Twitter and Pinterest rapidly restored control of the accounts over the weekend, and the rogue posts have now been removed—though not before they were screencapped:

LinkedIn's 2012 breach was significant and embarrassing for the company, and resulted in the theft of millions of passwords and other user information. Users were warned at the time to change their LinkedIn passwords, and those on any other platform on which they were reused. This is clearly evergreen advice, as it isn't hard for a determined hacker to cross-reference someone's username and password information with other sites.
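The mechanics behind "cross-reference someone's username and password information with other sites" are worth seeing end to end, from both sides. The 2012 LinkedIn dump consisted of unsalted SHA-1 hashes, so a single lookup table built from a wordlist turns the list back into passwords; an attacker then tries each recovered pair on other services. A defender at one of those other services can run the same cross-reference against its own (salted, slow-hashed) store and force resets on matches, and can screen new passwords against a breach corpus. The block below is an added example, not code from Ars Technica, LinkedIn, Twitter or Pinterest; every e-mail address, password, salt and the "dump" itself are constructed, the only real-world detail carried over is the unsalted-SHA-1 format.

```python
import hashlib
import hmac
import os

# Added example, not code from the article or from any site it names.
# The dump, wordlist, users and salts below are constructed for the demonstration;
# only the unsalted-SHA-1 format mirrors the 2012 LinkedIn leak.

WORDLIST = ["password", "123456", "dadada", "letmein", "qwerty"]

# Constructed stand-in for the leaked list: e-mail -> unsalted SHA-1 hex digest.
LEAKED_DUMP = {
    "alice@example.com": hashlib.sha1(b"dadada").hexdigest(),
    "bob@example.com": hashlib.sha1(b"letmein").hexdigest(),
    "carol@example.com": hashlib.sha1(b"T9#vq!Lp2x").hexdigest(),  # not in the wordlist
}

KDF_ITERATIONS = 100_000


def crack_unsalted_sha1(dump, wordlist):
    """Attacker's side: one table of sha1(word) -> word reverses every matching hash,
    because without a salt identical passwords have identical hashes."""
    table = {hashlib.sha1(w.encode()).hexdigest(): w for w in wordlist}
    return {email: table[h] for email, h in dump.items() if h in table}


def make_record(password, salt=None):
    """How another site should store a password: random per-user salt plus a slow KDF."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, KDF_ITERATIONS)
    return {"salt": salt, "digest": digest}


def verify_record(record, password):
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), record["salt"], KDF_ITERATIONS)
    return hmac.compare_digest(digest, record["digest"])


def find_reused_credentials(cracked, site_users):
    """Defender's side: the same cross-reference the attacker would do, run in-house.
    Returns the e-mails whose recovered leaked password also opens their account here."""
    return sorted(email for email, pw in cracked.items()
                  if email in site_users and verify_record(site_users[email], pw))


def is_breached_password(password, breached_sha1_hex):
    """Screen a candidate password against a breach corpus, range-query style:
    only the first five hex characters of the hash would leave the client; the
    corpus returns every suffix under that prefix and the match is made locally."""
    full = hashlib.sha1(password.encode()).hexdigest().upper()
    prefix, suffix = full[:5], full[5:]
    suffixes_for_prefix = {h[5:] for h in breached_sha1_hex if h.startswith(prefix)}
    return suffix in suffixes_for_prefix


# Constructed user store of a second site. Alice reused her leaked password.
OTHER_SITE_USERS = {
    "alice@example.com": make_record("dadada"),
    "bob@example.com": make_record("a-different-one"),
    "dave@example.com": make_record("letmein"),  # same weak password, but not in the dump
}

if __name__ == "__main__":
    cracked = crack_unsalted_sha1(LEAKED_DUMP, WORDLIST)
    print("recovered from dump:", cracked)
    print("accounts to force-reset:", find_reused_credentials(cracked, OTHER_SITE_USERS))
    corpus = {h.upper() for h in LEAKED_DUMP.values()}
    print("'dadada' in breach corpus:", is_breached_password("dadada", corpus))
```

Two things the run makes concrete: Carol's hash survives because her password is not in the wordlist, not because SHA-1 protected it, and Dave's "letmein" is not flagged for reset because the cross-reference keys on the leaked e-mail, which is exactly why a site should also run the breach-corpus screen at password-change time.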
