Facebook Virus Turns Your Computer into a Zombie

Discussion in 'other security issues & news' started by Thankful, Dec 5, 2008.

Thread Status:
Not open for further replies.
  1. Thankful

    Thankful Savings Monitor

    Feb 28, 2005
    New York City
  2. TonyW

    TonyW Registered Member

    Oct 12, 2005
  3. Rmus

    Rmus Exploit Analyst

    Mar 16, 2005
    Fake Flash updates have been around for awhile. A recent notorious one back in August was the CNN video exploit:

    Massive Faux-CNN Spam Blitz Uses Legit Sites to Deliver Fake Flash

    When this type of exploit was seen last year - exploits also included fake Codec prompts - I decided drastic measures were needed, and I advised people to immediately close out the web site/video, no matter how alluring it might be.

    They know that all updates should be from the vendor's web site and *never* to go to one via a URL click either from a web site or from an email. They know how to check their Flash version.

    For social networking sites, the older children can learn to follow these policies. For the younger children, I stress that the parents should keep the computer locked down so that only the parents can install anything. The most bullet-proof methods are those which are Deny by Default. The only two I know are Software Restriction Policies and Anti-Executable. With these methods, there is no prompt to Allow/Deny and no way the child can install anything without the parent's permission. In one case, we customized Anti-Executable's alert message:


    So, if little Mary receives a link to a video from her friend, Sally, gets a prompt to update Flash, decides to click on it, the result is a disappointed Mary because, "Mom, Sally sent me this neat video and it won't play."

    While it is sad that there have been so many victims of these types of exploits, it is evident that it doesn't have to be so.

Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.