Worm Steals 45,000 Facebook Login Credentials, Infects Victims’ Friends
A worm previously used to commit financial fraud is now stealing Facebook login credentials, compromising at least 45,000 Facebook accounts with the goals of transmitting malicious links to victims’ friends and gaining remote access to corporate networks.
The security company Seculert has been tracking the progress of Ramnit, a worm first discovered in April 2010, and described by Microsoft as “multi-component malware that infects Windows executable files, Microsoft Office files and HTML files” in order to steal “sensitive information such as saved FTP credentials and browser cookies.” Ramnit has previously been used to “bypass two-factor authentication and transaction signing systems, gain remote access to financial institutions, compromise online banking sessions and penetrate several corporate networks,” Seculert says.
Recently, Seculert set up a sinkhole and discovered that 800,000 machines were infected between September and December. Moreover, Seculert found that more than 45,000 Facebook login credentials, mostly in the UK and France, were stolen by a new variant of the worm.
“We suspect that the attackers behind Ramnit are using the stolen credentials to log-in to victims’ Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware’s spread even further,” Seculert said. “In addition, cybercriminals are taking advantage of the fact that users tend to use the same password in various web-based services (Facebook, Gmail, Corporate SSL VPN, Outlook Web Access, etc.) to gain remote access to corporate networks.”
Facebook fraud, of course, is nothing new. Facebook itself has acknowledged seeing 600,000 compromised logins each day, although that accounts for just 0.06 percent of the one billion Facebook logins each day.
This article originally appeared on Ars Technica, Wired’s sister site for in-depth technology news.
Google Deranks Chrome Download Page Due to Spam Links
The Chrome download page has disappeared.
For the next 60 days Google searches for the words “browser,” “Chrome” or even “Chrome browser” will not include a link to the main Google Chrome download page. Google removed the Chrome download page from its search results after it discovered that one of its own sponsored post campaigns had violated its webmaster guidelines.
Because no one likes spammy links in Google search results — least of all Google — the company has penalized its own Chrome browser just like it would any other company using the same tactics. Searching Google for these terms will still bring up links that can eventually lead users to the Chrome download page, but there is no direct link (there are links to the Chrome beta download page in some results).
Search Engine Land’s Danny Sullivan discovered the suspicious links in Google’s search results and pointed out that they seem to violate Google’s webmaster guidelines, which prohibit “buying or selling links that pass PageRank.” All of the pages in question clearly stated that they were sponsored posts (created with Google’s implicit blessing as part of a campaign from Unruly Media) which means, according the Google’s webmaster guidelines, all the links should have been using rel=”nofollow”. Most did use nofollow, but one did not.
Matt Cutts, head of Google’s webspam team, responded to Sullivan’s article saying that the webspam team had manually demoted the Chrome downloads page:
We did find one sponsored post that linked to www.google.com/chrome in a way that flowed PageRank. Even though the intent of the campaign was to get people to watch videos — not link to Google — and even though we only found a single sponsored post that actually linked to Google’s Chrome page and passed PageRank, that’s still a violation of our quality guidelines, which you can find at http://support.google.com/webmasters/bin/answer.py?hl=en&answer=35769#3 .
In response, the webspam team has taken manual action to demote www.google.com/chrome for at least 60 days. After that, someone on the Chrome side can submit a reconsideration request documenting their clean-up just like any other company would. During the 60 days, the PageRank of www.google.com/chrome will also be lowered to reflect the fact that we also won’t trust outgoing links from that page.
While Google’s response may seem extreme, it’s not the first time the company has punished its own. Google previously banned BeatThatQuote (one of its own companies) over almost the same issue last year. And of course it also deranked JC Penny and Forbes for similarly shady tactics.
Clearly Google doesn’t have a double standard when it comes to violating its own guidelines, but, as Sullivan points out, that the company paid Unruly Media to run the ad campaign in the first place is troubling. “Google’s paying to produce a lot of garbage,” writes Sullivan, “the same type of garbage that its Panda Update was designed to penalize.”
The “Panda Update” involved tweaks to the way Google’s algorithms rank search results which heavily penalized co-called “content farms.” Google defines content farms as “sites with shallow or low-quality content.” In other words, sites just like the ones Google was paying Unruly Media to create.
Microsoft Bids Farewell to IE 6 as U.S. Use Drops Below 1 Percent
IE 6 falls below 1 percent in the U.S. Delicious.
Microsoft is throwing itself a little party to celebrate the demise of Internet Explorer 6. Based on the latest data from Net Applications, the much-maligned browser recently fell below 1 percent in the United States, which prompted the IE Team to celebrate with a cake on IE 6’s grave, as it were.
Roger Capriotti, director of Internet Explorer marketing, writes, “IE 6 has been the punch line of browser jokes for a while, and we’ve been as eager as anyone to see it go away.”
The U.S. joins Austria, Poland, Sweden, Denmark, Finland and Norway in the less-than-1-percent category and several more nations are not far behind. Microsoft also recently announced that it would begin forcing IE updates for those that have opted into automatic Windows Updates, which should help further reduce the number of both IE 6 and IE 7 users.
Unfortunately for web developers the worldwide browser market share picture is not quite as bright. Internet Explorer 6 still has a considerable user base in China, where it tops 25 percent, and much of the rest of Asia hovers in the 5 percent range.
The other bad news is that despite the demise of IE 6, compensating for the shortcomings in both IE 7 and IE 8 remain necessary parts of a web developer’s job. And, given that Windows XP users will never be able to upgrade beyond IE 8, IE 8 will likely take IE 6’s place as the official pain in the ass of web developers everywhere.
Photo from the Windows Team Blog
Connect with ZionCG