
Facebook shuts down malicious fake profiles

Posted: Fri Oct 02, 2009 6:23 pm
by enum21
Facebook on Thursday fended off an attack in which multiple identical profiles were created to spread malware.

Antivirus provider AVG Technologies said users of its LinkScanner service detected numerous profiles that were identical except with different names and each included a link to what was represented as a home video but which instead displayed a fake antivirus alert when clicked. The scams are designed to trick people into paying for software they don't need, to get credit card information from victims for identity fraud purposes, and often to install spyware on the computer.

"Clearly, the Data Snatchers have found a way to automate the creation of Facebook accounts, which means they've found a way to bypass the Facebook Captcha," Roger Thompson, chief of research at AVG, wrote in a blog post. Successfully translating a Captcha, a hard-to-read image of letters supposed to ensure that a human is involved, is required for a new account.

The malicious link was blacklisted by the major Web browsers and Facebook was blocking the URL from being shared on its site, said Facebook spokesman Simon Axten. Meanwhile, the company was working to identify all the fake accounts and disable them, he added.

Axten disagreed with the AVG speculation that the Captcha system had been broken.

"We're looking into how these accounts were created, but it's very likely that the sign-up process was manual, or that the person behind the attack farmed out the Captchas to be solved by humans for a price," Axten wrote in an e-mail.

For its Captcha system Facebook uses ReCaptcha, "which was recently acquired by Google and is about as well-regarded a Captcha provider as there is," he said.



When the link in the fake Facebook profiles is clicked a fake alert pops up that tries to convince the user that the computer is infected.

source

And on facebook too...
Obviously, since the fake accounts were created, it means they managed to "break" the captcha, or is that not really so feasible? :smt017
Recaptcha, in any case, is much better and more secure.

Re: Facebook shuts down malicious fake profiles

Posted: Fri Oct 02, 2009 7:34 pm
by The Punisher
No matter how strong a captcha you put in place, this:
enum21 wrote:that the person behind the attack farmed out the Captchas to be solved by humans for a price
you can't get past somehow.

In general though, I had read that even reCAPTCHA had been hacked. It works by giving you one word it knows and one unknown word (so that you "contribute" by recognizing the unknown one). The attackers had built a program that figured out which was the "known" (easy) word and typed that in, always adding a word of their own as the second word. Because they carried out a huge number of such attacks, the Recaptcha engine came to believe that the correct reading of the unknown word really was that catch-all word the attackers were using, and so it started passing them through the test as successes.


Whoever wants more info, I can dig it up. Just say so.

Re: Facebook shuts down malicious fake profiles

Posted: Fri Oct 02, 2009 8:19 pm
by redlabel
Together with my PhD candidate Mr. Giannis Soupionis, we have done extensive research on the use of audio CAPTCHA (e.g. in VoIP). Bypassing most of the well-known CAPTCHAs is feasible and not (particularly) difficult. We are now designing one that is more resistant than the existing ones. For more details pm me.

D. Gr.

Re: Facebook shuts down malicious fake profiles

Posted: Sat Oct 03, 2009 12:27 am
by stoupeace
The Punisher wrote:Whoever wants more info, I can dig it up. Just say so.
I'm saying so. :)

Re: Facebook shuts down malicious fake profiles

Posted: Sat Oct 03, 2009 1:49 am
by The Punisher
So, here you'll find the story I'm referring to. I'm quoting the key points
Scanned text is subjected to analysis by two different optical character recognition programs; in cases where the programs disagree, the questionable word is converted into a CAPTCHA. The word is displayed along with a control word already known and is labeled by the human. Those words that are consistently given a single label by human judges are recycled as control words
What Anonymous realized was that if they always labeled the unknown scanned text with the same word – and if they did this thousands and thousands of times eventually a large percentage of the unknown words would be mislabeled with their word. All they had to do was look at the two words in the captcha, enter the proper label for the ‘easy’ one (presumably that would be the one that the two optical scanners would agree upon) and enter the word “penis” for the hard one. If they did this often enough, then soon a significant percentage of the images would be labeled as ‘penis’ and the ability to autovote would be restored (one side effect, that was not lost on Anonymous, was the notion that for years to come there would be a number of digital books with the word ‘penis’ randomly inserted throughout the text.
(which didn't work in the end, from what I understood)
By understanding how reCAPTCHA worked – the team was able to double their productivity (since they usually only had to enter one word instead of two). To further optimize their voting they created a poll front-end that allowed you to enter votes quickly while giving you an update of the poll status (and since it is a 4chan kind of crowd, they also provided the option to stream some porn just to keep you company while you are subverting one of the largest media companies in the world.
classic tactic, that last one

More details on the hack here
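The quoted story describes a label-poisoning attack on a two-word CAPTCHA: only the control word is checked at submit time, and the label for the unknown word is accepted on trust and later "recycled" once enough submissions agree on it. The simulation below is an added example, not code from this thread or from reCAPTCHA itself, and every name in it (the `LabelStore` class, the control words, the `filler` attacker label, the image ids, the thresholds) is constructed for illustration. It shows why a purely per-image majority vote is poisoned by a coordinated constant label, and one defensive check a label-aggregation backend can add: a label that turns up on an implausible share of unrelated images is treated as a poisoning signature and excluded before consensus is computed, alongside a minimum number of distinct submitters per promoted label.

```python
from collections import Counter, defaultdict

# Constructed control words whose answers the server already knows.
CONTROL_WORDS = {"ctrl-1": "harbor", "ctrl-2": "silent"}


class LabelStore:
    """Collects human labels for 'unknown' word images, gated by a known control word."""

    def __init__(self):
        self.votes = defaultdict(Counter)                         # image_id -> Counter(label)
        self.submitters = defaultdict(lambda: defaultdict(set))   # image_id -> label -> {submitter}

    def submit(self, submitter, control_id, control_answer, image_id, unknown_answer):
        """Only the control word is verified; the unknown-word label is accepted as-is."""
        if CONTROL_WORDS.get(control_id) != control_answer.strip().lower():
            return False
        label = unknown_answer.strip().lower()
        self.votes[image_id][label] += 1
        self.submitters[image_id][label].add(submitter)
        return True


def naive_consensus(store, min_votes=5, threshold=0.8):
    """Promote any label that wins >= threshold of the votes on a single image."""
    promoted = {}
    for image_id, counter in store.votes.items():
        total = sum(counter.values())
        if total < min_votes:
            continue
        label, n = counter.most_common(1)[0]
        if n / total >= threshold:
            promoted[image_id] = label
    return promoted


def flag_global_labels(store, max_image_share=0.2, min_images=10):
    """Return labels seen on more than max_image_share of all images.

    Genuine OCR-ambiguous words are unrelated to each other, so one label
    recurring across a large fraction of images is the poisoning signature.
    """
    images_per_label = Counter()
    for counter in store.votes.values():
        for label in counter:
            images_per_label[label] += 1
    n_images = len(store.votes)
    if n_images < min_images:   # not enough data to judge a global share
        return set()
    return {label for label, k in images_per_label.items() if k / n_images > max_image_share}


def hardened_consensus(store, min_votes=5, threshold=0.8, min_distinct=5):
    """Per-image majority after removing globally flagged labels, plus a distinct-submitter floor."""
    flagged = flag_global_labels(store)
    promoted = {}
    for image_id, counter in store.votes.items():
        clean = Counter({lab: n for lab, n in counter.items() if lab not in flagged})
        total = sum(clean.values())
        if total < min_votes:
            continue
        label, n = clean.most_common(1)[0]
        if n / total < threshold:
            continue
        if len(store.submitters[image_id][label]) < min_distinct:
            continue
        promoted[image_id] = label
    return promoted, flagged


def simulate(n_images=20, honest_per_image=6, attacker_votes=40):
    """Constructed scenario: a few honest readers per image, many coordinated 'filler' submissions."""
    store = LabelStore()
    truth = {f"img-{i}": f"word{i}" for i in range(n_images)}
    for image_id, word in truth.items():
        for u in range(honest_per_image):
            store.submit(f"user-{u}", "ctrl-1", "harbor", image_id, word)
        for b in range(attacker_votes):
            # The attacker solves the control word correctly and always types the same filler label.
            store.submit(f"bot-{b}", "ctrl-2", "silent", image_id, "filler")
    return truth, naive_consensus(store), hardened_consensus(store)


if __name__ == "__main__":
    truth, naive, (hardened, flagged) = simulate()
    print("naive promotions poisoned:", sum(v == "filler" for v in naive.values()), "of", len(naive))
    print("hardened promotions correct:", hardened == truth, "flagged labels:", flagged)
```

With the constructed numbers the naive rule promotes the attacker's label on every image (40 of 46 votes), while the hardened rule flags that label because it appears on 100% of images, then promotes the honest readings from the remaining votes. The global-share check is the cheap part; the distinct-submitter floor only helps when submitter identity is tied to something the attacker cannot mint freely, which is exactly the gap the original story exploited.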