Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Lightweight Facebook social engineering scam

Published: 2008-12-29
Last Updated: 2008-12-29 23:19:11 UTC
by Toby Kohlenberg (Version: 1)
1 comment(s)

We've gotten reports (thanks to Steve who first reported it) of Facebook users receiving messages indicating that their photos have been stolen and posted to a different site (blinksnap.com and cheepfry.com). When you go to the sites, they request name, email and a password and then show you a picture of a monkey as a joke. However, if you enter your facebook account info, all your friends are sent the following message:

"Have been uploading your pics on blinksnap-com-go there

Has anyone informed you your photos are on cheepfry-com-go there" 

This doesn't have to be a huge threat. It's only an issue if you are silly enough to provide it with meaningful credentials if you reply at all. Please folk, remember to use unique credentials and don't give away your username/password.

UPDATE: Jeff pointed out that many/most of the sites that are connected to this scam seem to be using an IFRAME pointing at rotating-destination.com/taf/taf.html and most of the sites are resolving to a single IP address - 208.78.242.184

Keywords:
1 comment(s)

Next Bad Thing(tm) to be announced at CCC

Published: 2008-12-29
Last Updated: 2008-12-29 23:10:12 UTC
by Toby Kohlenberg (Version: 1)
0 comment(s)

There's currently a lot of discussion on a couple different forums about  Alex Sotirov's and Jake Appelbaum's talk scheduled for Tuesday at the CCC. While their description (http://events.ccc.de/congress/2008/Fahrplan/events/3023.en.html) leaves something to be desired, you can find additional discussion on the BreakingPoint Systems' blog: http://www.breakingpointsystems.com/community/blog/Attacking-Critical-Internet-Infrastructure

A quote from HD's blog entry: 

"First things first; the reason for secrecy. Their research combined a known weakness in one area with a massive resource investment in another to show that a third party was vulnerable to a practical attack that affects the security of all Internet users. Security researchers often release code and technical documentation to demonstrate a flaw, but in this case, they went a step further and used the attack in the real world to obtain proof that it works. This process required interaction with a third party that will likely do whatever they can to save face once the details become public."

There is a lot of speculation but I'm inclined to just say we're all looking forward to hearing the details and when we have more verified information we'll post it and let y'all know.

Keywords:
0 comment(s)

CCC video streams available

Published: 2008-12-29
Last Updated: 2008-12-29 22:59:59 UTC
by Toby Kohlenberg (Version: 1)
0 comment(s)

For those of us who were not able to make it to Berlin for the Chaos Communications Congress this year, it is now possible to get streaming audio and video of the talks here: http://events.ccc.de/congress/2008/wiki/Streaming

They have a wide variety of formats including multicast options and some audio only.

Keywords: CCC
0 comment(s)
Diary Archives