Malware's New Frontier

Updated: April 30, 2009

Malware battles are being fought on several different battlefields, including workstations, servers, mobile devices and networks. Attackers, in their constant attempts to compromise and mangle systems and devices, are forever probing and testing, looking for weak spots wherever they may exist. Two new platforms attracting increased attacker interest are the Facebook social network and Apple Inc.'s high-profile iPhone.

Facebook: Social Network with a Bull's-Eye?

Renowned as a top social-networking site, Facebook has more than 60 million active users, a handful of whom are intent on causing digital mayhem. A 2006 study by Web security firm ScanSafe found that, on average, up to 1 in 600 profile pages on social-networking sites host some form of malware.

The first widely publicized Facebook malware event occurred in February 2006, when a couple of users took advantage of an XSS (cross-site scripting) profile page vulnerability to create a rapidly propagating yet relatively benign worm. The suspect code loaded a special file on user profiles that made pages resemble profiles from archrival Perhaps figuring that it was a good idea to embrace its enemies, Facebook eventually hired the attackers. Yet since then, Facebook has found itself confronting a series of embarrassing security violations.

In April 2006, a user — since banned from Facebook — embedded code in his profile that loaded an external page containing a Flash game and streaming video, an exercise that exposed a potential security flaw in Facebook's technology. A little more than a year later, in July 2007, another user uncovered an XSS hole that could be used to insert JavaScript into user profiles for the purpose of creating a worm.

In January 2008, several Internet-security organizations alerted clients to what might be the most serious threat to Facebook users yet. The Secret Crush application, distributed through Facebook, is little more than a destructive "social worm." The code spreads by sending Facebook users a note that a friend has a crush on them. The user is then asked to download an application that leads to an adware module. Facebook has since blocked Secret Crush for violation of the site's terms of service, but many security experts continue to worry about Facebook's vulnerability to future attacks.

iPhone Trojan Horse Appears

In the world of malware targets, platforms don't get any better than the innovative and widely publicized iPhone. An attacker who can figure out a way of bringing an iPhone to its digital knees can be assured of receiving widespread recognition.

When Apple introduced its iPhone in January 2007, many security experts warned that the platform would be a tempting target for attackers and that it would be only a matter of time before the first piece of iPhone-targeted malware appeared. These predictions were fulfilled in January 2008. That's when an application bearing the label "113 prep" appeared, masking itself as an update to the popular Erica's Utilities application.

Fortunately, to the relief of just about everyone, the malware didn't pose a big risk to iPhone users. The Trojan horse specifically targeted users who modified their iPhones to install third-party applications, leaving run-of-the-mill iPhone users in the clear. Still, as with Facebook, many security analysts believe that the iPhone Trojan horse is only the first of what may turn out to be a series of iPhone malware outbreaks.

Whether you use Facebook, an iPhone or any other Internet-linked service or device, remember to keep your anti-virus software up to date at all times. And as always, don't install any unnecessary applications.
