Malware's New Frontier

Updated: August 20, 2012

Malware battles are being fought on several different battlefields, including workstations, servers, mobile devices and networks. Attackers, in their constant attempts to compromise and mangle systems and devices, are forever probing and testing, looking for weak spots wherever they may exist. Two new platforms attracting increased attacker interest are the Facebook social network and Apple Inc.'s high-profile iPhone.

Facebook: Social Network with a Bull's-Eye?

Renowned as a top social-networking site, Facebook has more than 60 million active users, a handful of whom are intent on causing digital mayhem. A 2006 study by Web security firm ScanSafe found that, on average, up to 1 in 600 profile pages on social-networking sites host some form of malware.

The first widely publicized Facebook malware event occurred in February 2006, when a couple of users took advantage of an XSS (cross-site scripting) profile page vulnerability to create a rapidly propagating yet relatively benign worm. The suspect code loaded a special file on user profiles that made pages resemble profiles from archrival MySpace.com. Perhaps figuring that it was a good idea to embrace its enemies, Facebook eventually hired the attackers. Yet since then, Facebook has found itself confronting a series of embarrassing security violations.

In April 2006, a user — since banned from Facebook — embedded code in his profile that loaded an external page containing a Flash game and streaming video, an exercise that exposed a potential security flaw in Facebook's technology. A little more than a year later, in July 2007, another user uncovered an XSS hole that could be used to insert JavaScript into user profiles for the purpose of creating a worm.

In January 2008, several Internet-security organizations alerted clients to what might be the most serious threat to Facebook users yet. The Secret Crush application, distributed through Facebook, is little more than a destructive "social worm." The code spreads by sending Facebook users a note that a friend has a crush on them. The user is then asked to download an application that leads to an adware module. Facebook has since blocked Secret Crush for violation of the site's terms of service, but many security experts continue to worry about Facebook's vulnerability to future attacks.

iPhone Trojan Horse Appears

In the world of malware targets, platforms don't get any better than the innovative and widely publicized iPhone. An attacker who can figure out a way of bringing an iPhone to its digital knees can be assured of receiving widespread recognition.

When Apple introduced its iPhone in January 2007, many security experts warned that the platform would be a tempting target for attackers and that it would be only a matter of time before the first piece of iPhone-targeted malware appeared. These predictions were fulfilled in January 2008, when an application appeared that masked itself as an update to the popular Erica's Utilities application and bore the label "113 prep."

Fortunately, to the relief of just about everyone, the malware didn't pose a big risk to iPhone users. The Trojan horse specifically targeted users who modified their iPhones to install third-party applications, leaving run-of-the-mill iPhone users in the clear. Still, as with Facebook, many security analysts believe that the iPhone Trojan horse is only the first of what may turn out to be a series of iPhone malware outbreaks.

Whether you use Facebook, an iPhone or any other Internet-linked service or device, remember to keep your anti-virus software up-to-date at all times. And as always, don't install any unnecessary applications.
