Pierluigi Paganini
February 04, 2012
In recent years it has fully understood the offensive capability of the use of cyber weapons, highly efficient tools to move attacks and espionage operations in total coverage.
The effectiveness of the cyber threat is linked not only to its intrinsic characteristics, but also to the choice of channel for its spread and in this social media represent a privileged factor. For this reason, governments and institutions are promoting and supporting the processes of monitoring and surveillance of social networking.
To ensnare the user through the social networks are proposed sensational breaking news, but beware of malware lurking. Recently a huge number of Facebook users have found status messages today claiming that the United States has attacked Iran and Saudi Arabia.
Trying to visit the proposed link the user is redirect to fake website of the main journals that report the news. In this instant the trap begin, incfact clicking on the video thumbnail the page request to the user to install or update components like Adobe Flash player. This kind of message are a really familiar for user that are are misled. Company names like Adobe or Microsoft do not arouse suspicion and cause the user to follow the procedures described in the pop up malicious.
In this way the malware gains the access to the pc of the victim’s pc. Sophos Firm has alerted its customers regarding the threats of the agents Troj/Rootkit-KK that drops a rootkit called Troj/Rootkit-JV onto your Windows systems and also of the malware known as HPsus/FakeAV-J.that create a fake explorer.exe process.
I started this article by focusing on the military scope and I ended up moving to aspects regarded playful social networks. One commits an unforgivable error if the areas are approached separately, the threat is dangerous and in any case deserves the same attention no matter its origin. We have assisted in more than one occasion to accidents caused by improper use of social networks and mobile storage devices, used as vectors to inoculate malware in military areas. Material defense, aerospace stations, and more generally any critical infrastructure is at risk.
The malware polymorphic of the latest generation are able to exploit 0-day vulnerabilities and sometimes to combine mutually accidentally generating a dangerous offensive from which to defend is not simple. These agents, once infected the victim, live by themselves, they can remain silent and steal information, they can in turn be distributed independently user action spreading itself to victim’s contacts, they can infiltrate sensitive systems.
Do not be deceived so that a scareware is a threat to distracted kids playing on social networks … there is much more at stake.
Pierluigi Paganini
