Facebook Developer Verification Won’t Stop Rogue Apps

Looking to clamp down on the escalation of malicious apps on its popular social network, Facebook will now require that every developer to verify their Facebook account by providing a mobile phone number or adding a credit card to their account.

While this is clearly a step in the right direction, this won’t stop rogue apps from wreaking havoc on the social network.

Research: 1.3 Million Malicious Ads Viewed Daily

The true extent of the malvertizing scourge became much clearer this week with the release of new research by Dasient which shows that about 1.3 million malicious ads are being viewed online everyday, most pushing drive-by downloads and fake security software.

A Look Deep Inside the Scareware Epidemic

Kaspersky Lab malware analyst Vyacheslav Zakorzhevsky has written an in-depth article describing the scareware (fake anti-virus) epidemic.  The article touches on the common distribution techniques, the tricks used to scare users into paying fraudsters for a removal tool and the way code generators are being used to create these malicious programs.  It also provides some infection statistics and some practical protection advice.  Read the full article []

The Evolution of Rogue Anti-Virus


Guest post by Dmitry BestuzhevWe often write about the fact that cybercriminals constantly change their tactics to take account of developments in the security and software industries. And I just came across a great example of this: it shows how the people behind rogue antivirus solutions adapt their “products” to exploit developments and changes in genuine anti-virus solutions.


Visitors to technology blog Gizmodo are being warned that they could have picked up more than tips about the latest must-have gadget. A statement on the Gizmodo website admits that it was tricked into running Suzuki adverts which were in fact from hackers.  Read the full story [BBC News]

USA Today is reporting on a new variant of scareware that not only inundates users with exhortations to purchase phony antivirus software called “Total Security 2009,” but that also locks users out of nearly all applications until they purchase the disreputable product.  Once their PCs are infected with the malware, the only program users can open is Internet Explorer, so they can navigate to the site and make a purchase.

From Just Ask Gemalto (Dennis Fisher)
Computer users have been conditioned over the last few years to recognize and avoid many of the more common scams and threats on the Internet: email viruses, phishing, spam, Nigerian 419 ploys and work-at-home money-mule schemes. You know that an email promising funny pictures of Britney Spears is probably more likely to install malware on your machine than to brighten up your day with more of Britney’s zany antics.

Clickjacking: Ryan and Roel tackle browser-threat hype – Tue, October 21, 2008

The cross-browser clickjacking threat, malware on new Asus EEE machines, phishing and the elections/financial crisis, the iPhone security mess, Microsoft Patch Tuesday and the exploding fraudware/rogueware problems.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.