Obama's Social Network Being Used to Spread Malware
Social media has been exhilarating so far - but are you ready to see it become a much bigger target for nefarious forces as it becomes more mainstream? WebSense Security Labs reports that the President's pre-election social network My.BarackObama.com, is being used by at least a handful of parties to spread malicious Trojans to unsuspecting network users.
Now that the "most powerful man on earth" is a "web 2.0" fan, we expect to see attacks and security challenges emerge on a much more significant scale.
According to the Websense report, multiple blogs have been created on My.BarackObama that contain images labeled as YouTube videos, but are linked to a 3rd party site that delivers a Trojan executable posing as a required video codec. Links to the offending blogs are now spread throughout forums and blog comments all over the web. Problems like this were first reported this Spring but have apparently remained unresolved and are expected to increase with Obama's election.
It's a smart attack, as evil moves go, as YouTube and Obama are trusted and video players often require downloads for Flash or other upgrades. Hundreds of thousands of people probably downloaded the proprietary applet required to view the inauguration on CNN.com without a moment's thought, for example.
If you thought that some of these sites were big targets before, we expect them to become even more so as they grow increasingly mainstream. Just as scores of people fall for phishing attacks due to inattention to or unfamiliarity with the behavior of browsers and their address bars - typical users can hardly be expected to be familiar with the standard behavior of a world of donkly widgets. How many of us long-time users really are? The site UTube.com still gets almost 1 million unique visitors each month, for goodness sake.
We expect that the job of new WhiteHouse social media director Macon Philips will involve at least as much security as it does marketing and communication. That part doesn't sound like a whole lot of fun.
Comments
Subscribe to comments for this post OR Subscribe to comments for all ReadWriteWeb posts
"It's a smart attack, as evil moves go, as YouTube and Obama are trusted and video players often require downloads for Flash or other upgrades. Hundreds of thousands of people probably downloaded the proprietary applet required to view the inauguration on CNN.com without a moment's thought, for example."
Posted by: Daniel J. Pritchett
|
January 26, 2009 10:34 AM
This is to be expected, and yet so disheartening. Hopefully the do-gooders can't out pace the evil-dooers at least in web world. Although, it's an ambitious goal for the real world as well! In short, be careful what you download and trust no one:(
No surprise here, people will exploit anything when it comes to malware and virus spreading.
To be expected, it's just a reality these days; even on mainstream sites. Reminds me of that article that said of the top 100 sites over half had significant security risks to users. Gemalto is what I use to get the latest concrete info on stuff like this in addition to the more laid back style of blogs.