Black Hat 2008 - Look for Social Nets and DNS to Be Hot Topics
Look for social networking and multivendor DNS problems to be a big part of the conversation. Just this month we’ve seen the DNS monster rise up. Less visible are the little exploits in the social media or social network fabric: things like Twitter spoofing, Twitter attacks, and an entirely new definition of “Fake Friends”.
This week it’s Twitter’s turn to host an attack - one that is targeting both Twitter users and the Internet community at large. In this case it’s a malicious Twitter profile twitter.com/[skip]/ with a name that is Portuguese for ‘pretty rabbit’ which has a photo advertising a video with girls posted.
This profile has obviously been created especially for infecting users, as there is no other data except the photo, which contains the link to the video.
If you click on the link, you get a window that shows the progress of an automatic download of a so-called new version of Adobe Flash which is supposedly required to watch the video. You end up with a file labeled Adobe Flash (it’s a fake) on your machine; a technique that is currently very popular.
In reality, this is a Trojan downloader that proceeds to download 10 banker Trojans onto the infected machine, all of which are disguised as MP3 files. We first detected the downloader proactively as Heur.Downloader and then added a signature to detect it also as Trojan-Downloader.Win32.Banload.sco.
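A defender-side check for the disguise described above, as an added example that is not part of the original post or of the vendor's detection: it flags files named .mp3 whose content is actually a Windows executable. That the Trojans carried an .mp3 file extension is an assumption; the function names and sample bytes are constructed for illustration.

```python
import struct
from pathlib import Path

AUDIO_EXTS = {".mp3"}  # assumption: the disguise is an audio file extension

def looks_like_pe(data: bytes) -> bool:
    """True if data has a DOS 'MZ' header whose e_lfanew points at 'PE\\0\\0'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    return data[e_lfanew:e_lfanew + 4] == b"PE\0\0"

def looks_like_mp3(data: bytes) -> bool:
    """True for an ID3v2 tag or an MPEG audio frame sync (11 set bits)."""
    if data[:3] == b"ID3":
        return True
    return len(data) >= 2 and data[0] == 0xFF and (data[1] & 0xE0) == 0xE0

def check_file(name: str, data: bytes) -> str:
    """Return 'executable-disguised', 'unknown-content' or 'ok' for one file."""
    if Path(name).suffix.lower() not in AUDIO_EXTS:
        return "ok"  # only audio-named files are in scope for this check
    if looks_like_pe(data):
        return "executable-disguised"
    return "ok" if looks_like_mp3(data) else "unknown-content"

def scan(directory: str) -> dict:
    """Check every file under directory, reading only the first 4 KiB of each."""
    results = {}
    for path in Path(directory).rglob("*"):
        if path.is_file():
            with path.open("rb") as fh:
                results[str(path)] = check_file(path.name, fh.read(4096))
    return results

def _sample_pe() -> bytes:
    """Constructed minimal DOS + PE signature stub, not a real sample."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew -> offset 0x40
    return bytes(dos) + b"PE\0\0" + bytes(20)

# Constructed sample inputs (not taken from the campaign described above).
SAMPLES = {
    "song01.mp3": _sample_pe(),                                    # PE content, audio name
    "song02.mp3": b"ID3\x03\x00\x00\x00\x00\x00\x0a" + bytes(10),  # ID3v2 header
    "song03.mp3": b"<html>not audio</html>",                       # neither PE nor MP3
    "setup.exe": _sample_pe(),                                     # out of scope by name
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(name, check_file(name, data))
```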
In related blogging, Adobe is seeing bad activity around its platform. From the Adobe web site: “We have seen coverage from the security community of a worm on popular social networking sites that is using social engineering lures to get users to install a piece of malware. According to the reports, the worm posts comments on these sites that include links to a fake site. If the link is followed, users are told they need to update their Flash Player. The installer, posted on a malicious site, of course installs malware instead of Flash Player.”
Old infrastructure standards like DNS and new emerging environments like Web 2.0 provide a breeding ground for new security problems or black hat techniques.
Looking for a job? Go into security. This will be a big growing area.




[...] I blogged about this earlier in the week but in the case of Twitter. [...]
on August 7, 2008 @ 3:38 pm
[...] I blogged about this earlier in the week but in the case of Twitter. [...]
on August 7, 2008 @ 3:46 pm
This is some good reading! thanks for this! please post more!!
on November 23, 2008 @ 7:44 pm