Social Networks are a Global Malicious Code Channel

If you are not familiar with the user-base in the social networking sites identified in my last post, you might think that all of them retain a North American focus, and then that this might be a North American problem.  It isn’t.  For example, two recent reports by Finjan identify analogous problems on the livedoor.jp and yaplog.jp social networking sites.  Both systems were infected via malicious iFrames and ActiveX applications designed to take advantage of a range of Windows vulnerabilities and then compromise the local environment and download additional malicious code, including a trojan that steals the user’s credentials.

The Finjan team does a good job outlining their position concerning a key risk of Web2.0 — that is “giving users the power to add code also gives them the power to add malicious code.”  Finjan promotes real-time content inspection.  That approach may buy time, but comprehensive and effective input validation and output encoding still seem like the only approach that will ultimately be successful.

How does your organization approach this issue?

— References —
“Cyber Sino-Japanese War?” MCRC Blog, Feb 26, 2009 http://www.finjan.com/MCRCblog.aspx?EntryId=2197
“Malware and the rising sun website” MCRC Blog, Feb 24, 2009 http://www.finjan.com/MCRCblog.aspx?EntryId=2195

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: