All the latest UK technology news, reviews and analysis

Hackers attack MySpace and Facebook

by Clement James

03 Mar 2008

Comment: 1

  • Tweet this
Facebook
Facebook is among a number of sites to have been hacked

Buffer overflows are at the heart of a series of attacks against Facebook and MySpace, security firm Fortify Software has warned.

Criminal hackers now view social networking sites as their best target for attacks, according to Rob Rachwald, director of product marketing at Fortify Software.

Further reading

Part of the reason is that such sites are designed to be usable by " unsophisticated" consumers, meaning that the barrier to entry for attacks is potentially lower as users are more likely to click on a link that leads to malware.

"A buffer overflow enabled hackers to exploit the Aurigma ActiveX image uploading software used by Facebook, MySpace and other social networking sites, " said Rachwald.

"The bad news is that this exploit is being used in a hacker toolkit currently being offered for download on several Chinese language sites, meaning that novices have been able to stage these attacks, and not just professional hackers."

Rachwald argued that social networking sites can no longer limit protection to their own security practices, but must take in the practices of their suppliers.

"Had Facebook and MySpace required Aurigma to provide proof of a code audit before sourcing the plug-in this latest security issue could have been avoided, " he said.

Do you agree?

Add your comment

my space bull!!!!

i go on myspace almost everyday but i am really tired of people hacking into my profile sending my friends all of this crazy crap...... it makes me look bad because most of it is porn sites!!! this is crazy we need to find a way for this to stop!!!!!

Posted by: quitta 03 Mar 2008

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Security

Security threats - password theft

Eight-year Nortel hacking operation again shows enterprise vulnerabilities

Related white papers

Related articles

Related jobs

Today's top stories

Apple OS X Mountain Lion

Top five features of Apple OS X Mountain Lion

Clouds superimposed on a computer keyboard

Red Hat pushes cloud computing interoperability

Toy soldiers on keyboard representing cyber security

Boardroom gears up for cyber war

Poll

IT priorities for 2012

What is the most important IT priority for your company this year?

99%

0%

1%

0%

0%

Features

V3 reporter Dan Worth

World-changing CERN experiments highlight humanity’s intrinsic curiosity

V3 and The INQUIRER editor Madeline Bennett

BBC and Sky News show tough love with Twitter policies

V3's Rosalie Marshall

World indulges in a Facebook facts fest as firm prepares to float

facebook-new

Top five most interesting figures from Facebook’s IPO

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Accurev

Top 5 software development challenges

This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes

Talend

Rubbish in, rubbish enterprise

Why good data management at all levels is essential in the modern business (video, 6mins)

Technology jobs

.Net Principal Development Engineer Lead- London

Principal Development Engineer Lead- London - Smart TV...

.Net Development Engineer - HTML, XHTML, CSS, DOM

Development Engineer - London - Smart TV, Gaming, Tablets...

Principal Development Engineer - .Net ,C# or Java -

Principal Development Engineer - London - Smart TV, Gaming...

Test Engineer -London - Smart TV, Gaming, Tablets, PC& Mac

Test Engineer -London - Smart TV, Gaming, Tablets, PC...

To send to more than one email address, simply separate each address with a comma.