Dorkbot malware on Facebook chat compromises web security!

Posted by Geraldine Hunt on Tue, May 14th, 2013

A new variant of the Dorkbot malware was discovered on Facebook this week,  the malware was being used by cybercriminals to harvest users' passwords. According to  Tech Central the criminals exploited a flaw in the file-sharing site MediaFire to spread the malware. The malware is spread through a botnet that uses the Internet Relay Chat (IRC) protocol to spread.The malware sent links to the malicious app to the victim's Facebook friends via the Facebook chat service. Clicking on the link would download and run the malware.

This is not the first time this year for Facebook to suffer issues. Earlier this year Facebook suffered an "error" that had an astounding ripple effect, as users of popular websites were redirected to a Facebook error page. It became clear to people that Facebook Connect could disrupt every site it linked to -- even more troubling was the view it gave us of possible future hacker attacks.

A layered approach to web security is key.

In security circles, the underlying issue is called "transitive trust." The average popular website links to all sorts of sites and services, with the typical home page featuring lots of third-party links. Each of those links could potentially be used by hackers for malicious intent. Your website or service is only as secure as its weakest link – literally!. Transitive-trust hacking is not new. It occurs every time a banner ad running on an innocent website ends up linking to a malicious malware laden website.

The best protection against malware, spam, hacker attacks, policy violations and other threats is a layered set of defenses in which software, services, hardware and policies are used to protect data and other assets at the network, system and application levels.  However, an obvious – but often-forgotten – layer in this cake of protection is the common sense of your users – one of the critical layers to prevent threats from gaining a foothold.

An unsecured network is a broken link enabling criminals to exploit your internal resources.

The internet provides benefits and opportunities to everyone, including criminals!. Phishing attacks take advantage of both technical and social vulnerabilities. Ongoing financial attacks are now a reality to the point that they’re considered the norm.The fact that some organisations don’t take the necessary measures to protect themselves against what can only be described as increasingly ingenious scams is worrying. With a successful phishing and malware attack, everything is at risk.

A company network can suffer a malware infection as a result of an employee clicking on a bogus link in a Facebook post or other social networking site. The impact of a successful malware attack can have serious and long term consequences such as unauthorized network access, exposure of the companies  information systems and the exploitation of this highly classified business information by criminals.  An unsecured network is a broken link and enables criminals to take advantage of your internal resources.

Social media tools are a great way for users to share information opening  up new and powerful ways to engage with a company’s customer base.  On the other hand, it can expose business to security threats and reduced network productivity and be a great way for a spear phisher or whaler to target someone. Lack of proactive measures to deal with the attacks can cost companies financially through the loss of data and system downtime.