Discussion on:
This is the standard of vague reporting we're getting used to around here.
Which "social network" has the ana maria account?
The source article says Twitter.
@atwood@... Social net used was 'Orkut' the Brazilian version of Facebook.
@pflynn4685@... Orkut is not the Brazilian version of Facebook. It was an early Google experiment with social networks (actually, by an employee in his free time) that caught like fire in Brazil and a few other countries like India and (until banned and blocked) Iran, where it is far more popular than Facebook or any other social network. The overwhelming prevalence of messages in Portuguese (and also Hindi, Farsi etc.) scared away people from other countries and Brazilians are by far the largest user base, with over 20 million accounts. However, in principle Orkut remains an international network open to anyone and with its interface available in a lot of languages. There are similarities with Facebook, but also many differences - although there are groups, Orkut works much more on a person-to-person basis, as opposed to Facebook's more "broadcast" postings.
@bill957@... it *is* Orkut, no doubt. I am no longer there, but I recognize the interface. Besides, given Orkut's overwhelming popularity in Brazil over any other social network (over 10 times Facebook's Brazilian user base), if the Trojan targets Brazilian bank accounts, it would be stupid to use any other social network.
Are social networks a heaven for cybercriminals and their botnets?
Where will you ever find a bigger collection of hapless dummies just begging to be pwnd? There's your answer.
Where will you ever find a bigger collection of hapless dummies just begging to be pwnd? There's your answer.
@klumper
hapless dummies have every right to use social and e-commerce networks, and of course they aren't begging to be frauded, their naivite is no blame. the real responsibility is those owners and operators of social networks to prevent malicious methods of attack and when they find IT security vulnerabilities that have been exploited, they should prevent them from happening again. this case shows the importance of using a semantic-web lexicon to connect words in textarea objects of a public network to verify that they are not putting unintelligbles for injection.. see RDF (resource description framework) or some kind of middle-ware check on hexidecimals (that passthrough HTMLspecialchars) and/or the lack of whitespace. less and less criminals will use social networks as long as the intelligence of their owners remains better than the criminals themselves. the best code wins, or will win eventually
hapless dummies have every right to use social and e-commerce networks, and of course they aren't begging to be frauded, their naivite is no blame. the real responsibility is those owners and operators of social networks to prevent malicious methods of attack and when they find IT security vulnerabilities that have been exploited, they should prevent them from happening again. this case shows the importance of using a semantic-web lexicon to connect words in textarea objects of a public network to verify that they are not putting unintelligbles for injection.. see RDF (resource description framework) or some kind of middle-ware check on hexidecimals (that passthrough HTMLspecialchars) and/or the lack of whitespace. less and less criminals will use social networks as long as the intelligence of their owners remains better than the criminals themselves. the best code wins, or will win eventually
Several major banks use a rootkit to install their "security program" in users systems. It is installed by several banks when they start online banking. There is no easy to uninstall the software. When a tecnician uses Autoruns by Microsoft, it is readily apparant the client is using banking software. If you do want to uninstall the software, you will not get any help from the banking comunity and they will not even admit any knowledge of the software as it comes from a third party. Ask the client... Oh, you are NOT using this software? The client does not have a bank account at Caixa or Banco do Brasil, etc? You just discovered the trojan.
There was also a great article in FINEXTRA recently about how a security services company, used social networks to penetrate a US bank ( http://www.finextra.com/news/fullstory.aspx?newsitemid=21342 ). However, inbound malware is what we've seen as the biggest risk in our fifth annual survey (high level results here: http://info.facetime.com/Survey10Request.html)
emmanuelusa - yes. I'm so tired of ppl blaming the victim when a computer gets infected. It's like blaming the victim woman after a rape. The gub'mnt needs to be more agressive after these perputrators. The Alureon virus is especially nasty.
Well done! Thank you very much for professional templates and community edition
sesli sohbet sesli chat
sesli sohbet sesli chat
Join the conversation!
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
