
Security Week In Review, April 2-6

By Stefanie Hoffman | April 09, 2012

Security took a few unexpected twists and turns for the first week of April. For one, Mac owners received a bit of a jolt when a rapidly spreading botnet ran rampant on their machines. Meanwhile, Anonymous is expanding its reach to the world's most populous nation and the public white board Pastebin appears to be cracking down on data dumps from its hacker users. Here's a look at last week's security landscape.

Flashback Attacks Macs: Last week, Apple Mac owners stood in the shoes of their Windows-loving peers when a massive strain of malware—known as the Flashback botnet—ran rampant on users' machines. The botnet was distributed via infected Websites through a malicious Java applet that lured in unsuspecting victims by posing as an Adobe Flash Player update. The Java applet then launched a downloader that subsequently installed the Trojan's main component, which continuously connected to one of its command-and-control (C&C) servers and waited for new orders from its creators.

And like most Trojans, Flashback creates a backdoor that funnels sensitive personal and financial information to remote servers operated by the botnet creators.

Apple did, however, issue an update plugging the Java hole, but not before the botnet infected more than 600,000 Macs worldwide—with more than 50 percent in the U.S. And while a patch is available, the botnet still appears to be gaining traction and going strong.

Anonymous Outreach Extends To China: Global hacker collective Anonymous is branching out to new markets—namely The People's Republic of China.

Anonymous kicked off its campaign with the launch of an AnonymousChina Twitter account, from which members are tweeting updates on the group's activities.

Thus far, the notorious hacker group has claimed to have defaced more than 480 Websites throughout last week, including a myriad of government sites, and has actively attempted to galvanize Chinese citizens to join its cause.

Congruent with the hacker group’s modus operandi, members have boasted that they have leaked user names, passwords, phone numbers and e-mails gleaned from a slew of government Websites.

And without fail, the apparent hacks were accompanied by messages posted to Pastebin, warning the Chinese government of impending attacks while urging Chinese citizens to revolt against the government regime.

The hacking spree didn't appear to have raised the ire of the Chinese government, however, given that Twitter is banned in China, the members are neither Chinese nor based in China, and many of the tweets are written in English.

Facebook Mobile Plagued With Security Flaw: A new security flaw in the Facebook app on iOS as well as the Android platform enables hackers to lift the Facebook identity of mobile users.

Essentially, the Facebook flaw occurs on both the Apple and Android platforms, which include Android phones and tablets, as well as the iPhone and iPod, all of which fail to encrypt login credentials. This oversight enables hackers to easily swipe them via USB ports or links to Websites pitted with malicious information-stealing code.

Facebook acknowledged the flaw but maintained that the vulnerability only applies to compromised and jailbroken devices, while recommending that users refrain from modifying their devices to reduce risk of identity theft.

Ultimately, Facebook said it was looking into a way to mitigate the problem but conceded that there doesn't seem to be a simple answer. One solution might be requiring users to enter passwords on their device every time they log in, but given that users have grown accustomed to getting right onto the Facebook app, this might be easier said than done.

Pastebin Cracks Down On Data Dumps: Pastebin may be cracking the whip on hackers who use the site for public data dumps. Pastebin's owner Jeroen Vader told the BBC that the site can't keep up with the number of abuse alerts it receives, which on average reaches around 1,200 a day via its on-site notification system or through e-mail. As such, Vader says he plans to hire more staff to enforce privacy policies and be more rigorous in vetting “sensitive information” posted to the site, which would require actively monitoring content as opposed to just responding to alerts.

Over the years Pastebin has become the publication tool of choice for global hacker collectives looking to publicly expose classified or otherwise sensitive information they acquire from various targeted organizations. And subsequently, the site has served as the dumping ground for illicitly swiped information from the FBI, the CIA, NATO, Sony, police agencies and various state and national governments, among other high-profile organizations.

Currently, the site relies on an abuse report system that flags classified or illegal material that violates the site's terms and conditions, requiring that users refrain from posting passwords, stolen source code or other personal information. Pastebin states that anyone who fails to comply could have their IP address banned from the Website and their information turned over to authorities.