After dealing with multiple attacks on several sites, including Apple, Facebook, and Twitter – this being Java exploits. Now, it’s time to deal with more hacks, including NBC.com (which has been serving up malware for a day now) and Twitter. As in recent reports now, Tumblr and Pinterest have been forewarned.
NBC.com’s hacked pages were modified to include additional HTML component called IFRAME, which is inline frame. This allows at least a 1px x 1px frame to be included independently in the webpage, which may contain malicious code. In HTML code, frames can be made to host web content. But, in the hands of the evildoers, aka cybercriminals, it is used as an effort to launch malware campaigns.
I recognized something was wrong with NBC.com, which may have already been hacked a few weeks ago, and I posted the information on my Twitter account that a downloaded file was sent to my browser asking me to save or open it. This was on a sister site/blog, RedTape. I asked people to replicate it. The Twitter status can be found here.
What type of malware was delivered? Citadel or ZeroAccess, which are both crimeware families and botnets. They are usually part of several exploit kits.
This drive-by download situation is no good, as the pages were taken offline. Therefore, that dropped the traffic of those specific areas of the site. It is sure that this situation is a matter of cybercrime aimed at a financial side of things, not defacement or pranks.
Was it a big deal that it was NBC? No. In fact, it is sure the hackers were aimed at using a high-profile site, and apparently NBC.com was the easiest or quickest to access. Hackers rely on time and many other factors to make their approach(es).
Zendesk hacks and other various warnings
Zendesk is all about customer support…therefore no one really knows, except for those in the business of customer support. Big names use this service, which include Tumblr, Twitter, and Pinterest, among others. Hackers broke into the Zendesk systems, accessing email addresses of those big name customers, namely Twitter, Tumblr, and Pinterest.
How “pinteresting” that another hack has been born, which is related to a social network. Zendesk detailed the hack:
We’ve become aware that a hacker accessed our system this week. As soon as we learned of the attack, we patched the vulnerability and closed the access that the hacker had. Our ongoing investigation indicates that the hacker had access to the support information that three of our customers store on our system. We believe that the hacker downloaded email addresses of users who contacted those three customers for support, as well as support email subject lines. We notified our affected customers immediately and are working with them to assist in their response.
The companies involved made a point to tell its customers that they haven’t been hacked, but private information was stolen. Luckily, no password thievery was involved.
Obviously, an incident like this, just like the NBC.com incident, needs to be taken very seriously. Something must be done to stop the continuous hacks.
Twitter hacks additionally are nothing new. Many times, hackers used a backdoor, such as the tools the support team uses, to infiltrate the information of Twitter users. It’s not a huge gain, more possibly a waste of time.
The FBI has taken into custody a 27-year-old man, claiming that he hacked the accounts of Facebook users coaxing hundreds of women to strip on their webcams, while watching on Skype.
The man identified by the FBI as Karen (“Gary”) Kazaryan of Glendale, CA, was arrested yesterday on federal computer hacking charges.
According to a US Department of Justice press release, Kazaryan is claimed to have broken into victims’ Facebook and email accounts, changing their passwords, and searching for naked and half-naked photographs. He also gathered personally-identifiable information from the users, including passwords, personal details, names of friends, etc.
The report details also that Karen threatened the users who did not comply to his demands of stripping, that he would post nude photos of them on their own Facebook pages. It is also reported that approximately 3,000 photos were seized from the man’s computer. The FBI believes 350 women were lead in to “sextortion”.
The FBI is urging all women who believe they might be a victim to contact the Los Angeles Field Office at +1-(310) 477-6565.
Facebook has announced the expansion of their alliance with antivirus companies in hopes to better secure its users and promote good privacy… here is a quick scope of the details:
Today, we are excited to announce the expansion of our AV Marketplace to include 7 new partners to our growing coalition of security companies. Starting now, Facebook users will be able to download software from – avast!, AVG, Avira, Kaspersky, Panda, Total Defense, and Webroot. Not only do we have new partners but also many of our existing partners – Microsoft, McAfee, Norton, TrendMicro, and Sophos – will begin offering anti-virus software for your mobile devices. You can visit the AV Marketplace now to download your free anti-virus software for PC, Mac and Mobile.
Our new anti-virus partners bring with them both the latest software and comprehensive intelligence. As with our existing partners, these seven companies will help protect Facebook’s community of over a billion users by improving our URL blacklist system. This system scans trillions of clicks per per day, and before each click, the system consults the databases of all our AV Marketplace partners to make sure the website you are about to visit is safe. This means that whenever you click a link on our site you are protected both by Facebook and 12 of the industry leaders in computer security. We will be cooperating with these partners more in the future, and look forward to announcing new tools soon.
Read more now at the Facebook blog