Immunet Blog

This week, Facebook users were struck with a clickjacking worm that deceives users into “liking” sites to spread the virus. Clickjacking, similar to phishing, either tricks users into giving away sensitive information or works by hackers taking control of a computer when a user clicks on what seems like a harmless site. Here’s how the Facebook clickjacking worked, as reported in InformationWeek:

Clickjacking -- also known as likejacking -- works by spamming Facebook users with such content as "LOL this girl gets owned after a police officer reads her status message” and “the prom dress that got this girl suspended from school."

Click on the link, and a user will go to a seemingly blank page that says “click here to continue.” But thanks to “an invisible iFrame,” said [Graham Cluley, senior technology consultant at Sophos, on the company’s blog], clicking anywhere on the page actually republishes the attack content and link on the Facebook user’s status page, “in a similar fashion to the ‘Fbhole’ worm we saw earlier this month.” Fbhole likewise spread via Facebook status messages.

Other recent examples of this type of attack include, the “Distracting Beach Babes.”   If you’re struck, the key is to remove all the "likes and interests" from your profile. Then, delete the page from your newsfeed, most likely to be found in the ‘Recent Activity’ section of the profile but you may have scroll down for a bit. Then, get yourself protected to keep it from happening again. Your best bet is a product, like Immunet Protect, that is designed specifically to target malware on social networks, in particular Facebook. And if you haven’t yet been hit, download AV protection now as a preventative measure.

There’s really no reason not to take this simple step. It’s free to download Immunet Protect, it’s lightweight and won’t slow down your computer, and it provides essential security for your PC.

While Facebook’s security measures have been garnering top media attention, Mark Zuckerberg’s hugely popular network isn’t the only site hackers are targeting. Twitter’s mushrooming community has also become a favorite for hackers. 

They’re of course, drawn to Twitter’s user base that reaches well into the millions and according to some forecasts will hit 1 billion users by 2013. Case in point, earlier this month the Sunbelt Blog demonstrated how a DIY Twitter Botnet Creator is making botting shockingly simple for hackers. The good news is, the attack method exposes the hackers. And Sunbelt has already notified Twitter about the risk. While Twitter is doing everything it can to keep its users safe, it’s wise to ensure that you’re taking some extra precautions as well. 

Scares, like the DIY botnet, serve as a necessary wake-up call to remind us that undiscovered risks continue to lurk in the digital world. We deserve to enjoy our online communities, but the truth is, we have to be smart about how we do it. 

This is where Immunet Protect comes in. As with Facebook, Immunet Protect is designed to explicitly combat threats on sites like Twitter.

It’s free to download Immunet Protect, it’s lightweight and won’t slow down your computer, and it provides essential security for your PC. Why not do your part to keep you – and your community -- safe? 



Yesterday, Facebook’s CEO Mark Zuckerberg promised new privacy controls in the Washington Post, amid some criticism of the site’s recent changes. Kudos to Zuckerberg for stepping up and reinforcing Facebook’s commitment to users. In the Washington Post, Zuckerberg  points out, "there needs to be a simpler way to control your information.” And "in the coming weeks, we will add privacy controls that are much simpler to use." Great! But what he didn’t address was the troubling influx of malware on the site in recent weeks.

Let’s recap. There was the free giftcard scam, the Facebook worm, the beach babe virus, the “sexiest video ever,” among others. The malware that users share on Facebook spreads like wildfire because Facebook's viral sharing hooks really work, even if the content being shared is damaging to end users. 

We know that Facebook’s security team is hard at work trying to combat the malware issues that arise when criminal hackers are financially motivated to prey upon Facebook’s 400 million active users. However, while Facebook is doing what it can to keep us safe through their own security controls and through user education (like the Facebook Security page), ultimately the responsibility to protect -  both ourselves and our networks - falls on us. Facebook has no control over what software you do or don't have installed on your PC to protect yourself, but you can see why Facebook would be a safer community if every user on Facebook had real-time, effective antivirus protection that they could easily share for free. 

With antivirus products like Immunet Protect that are specifically tailored protect users of social networks like Facebook, it’s never been easier to be safer online, or easier to protect your community. It takes seconds to download protection that will last you a lifetime. What are you waiting for?

Why is it that 50% of all Internet users either don’t have AntiVirus protection or have protection that’s expired or out of date? Between 30-40,000 (thousand!) new viruses are created each DAY, and yet a large percentage of the consumer population remains vulnerable to these threats. So what’s going on here? Perhaps people are too trusting that website security professionals such as Twitter’s Trust and Safety team, or those involved in the Facebook Security Wall will just take care of malware for them.

Consumer Reports has a good phishing test for consumers (and Donna even wrote a post about the dangers to social media, a topic near and dear to all of us at Immunet). eHow has a few good steps to follow. MSNBC offers some good advice from the AP. CNET even tried to help people avoid malware from trusted site the Drudge Report.

We think more people don’t have AntiVirus due to combination of price, effectiveness (or lack thereof), resource and system drain and software conflicts that afflict traditional AntiVirus software. To be fair, without the collective benefit of a cloud-based community that can help to detect, update and defend each other against thousands of new threats daily, it takes copious resources in terms of human and technology costs (which are passed along to the consumer) for a traditional AntiVirus provider to do all the work themselves.

With Immunet Protect’s Collective Immunity, we’ve solved this problem and torn down the barriers standing in the way of increasing consumer AntiVirus penetration from 50% to closer to 100%.  The closer we are as an industry to 100% antivirus penetration, the safer the Internet becomes for everyone online.

We put a focus on educating people on how to avoid getting a virus, from the basics to black SEO to social media aggregators to Facebook-specific worms to how to’s.

It seems attackers have the means to overcome today’s ‘AntiVirus common sense’ we’ve all grown to embrace, namely, only click on links from trusted sources. Now these sources can no longer be trusted.

Case in point is the new spear phishing threat targeted at social networking. Core Security Labs demonstrated this at the RSA Conference last week and lots of people have followed up on the problem. What to do?

While common sense is still very important, getting a real-time AntiVirus that recognizes a threat instantly is just as vital. Viruses take time to spread and the longer one goes undetected, the more dangerous it gets. Immunet Protect’s Collective Immunity solves this problem by detecting a virus from the community and instantly protecting all users against that virus.  



The core theme for viruses is trickery. Fool a person into clicking on a link they think is accessing something they want and the infection spreads (Twitter viruses, Facebook viruses, etc). Viruses spread really fast with this approach – look at the recent Gmail worm the New York Times wrote about. Social media has proved to be a hotbed for this deception and people are getting wise to it. That’s good.

What’s bad? Aggregating all your social media ‘stuff’ in one location, like the recent Microsoft Outlook 2010 Social Connector, Meebo and Snaptu (for phones). As a consumer, surfing Twitter, Facebook and the rest comes with a known risk – watch out for links. Do such ‘street-smarts’ erode if all your activity is accessible from a trusted application, such as Outlook or another? The links are still suspect but our keen eye might dim a bit.

Real-time antivirus protection becomes even more important with the adoption of these social media portals. Yet another reason that Immunet Protect’s “Collective Immunity” against viruses deserves a look as a means to protect you and your community. Once a virus is detected, all users are instantly protected against that virus, rather than having to wait days to update software.

Think about that for a minute. If you have 200 Facebook friends, 1,000 Twitter followers and share files with 50 people and any one of them gets a virus, Immunet Protect kicks in and everyone is instantly protected – you’re all safe! Now, look at this example with traditional, clunky antivirus applications, where there may be 15 different programs running across your 1,250 connections. It might take days to update each program’s database. How many times will you interact, click on and forward links and files among the group in a few days, potentially infecting thousands of your friends and followers!? Scary, right!

Today, the fine reporters of SC Magazine ran a bit of research from Sophos about the US being branded “the dirty man of the web world”. Infected websites, malware and malicious software abound.

We already know Twitter viruses, Facebook viruses and the host of other social networking attacks are an issue. Now, the trustworthiness of legit websites is an increasing concern and time is an issue - time, in the sense that antivirus protection follows the identification of a threat. This could take days for traditional software. There are plenty of examples around the forums. 

This is precisely the reason overlaying existing antivirus software with Immunet Protect is beneficial. Immunet’s community focus plus the Collective Immunity protection feature means if anyone using Immunet Protect registers a virus, all users are instantly protected against that virus. To better illustrate this point, have a look over the actual numbers:

Twitter viruses, Facebook viruses and the host of other social networking attacks have reintroduced the world to why malicious code have been dubbed ‘viruses’. An infection starts with one person and spreads through online contact. Social media is thus akin to locking your PC in a room with 10,000’s of other PCs – one sneeze and you’re toast.

Don’t want some other PC’s Koobface, nor do you want self-imposed Facebook isolation for PC health reasons?

This week, Facebook and McAfee joined forces to offer social network virus protection. We think this is a good first step and overlaying Immunet Protect is an even better one. Immunet’s community focus plus the Collective Immunet protection feature is ideal for users on Facebook, and our side-by-side install support with McAfee means no hassle, no fuss. In particular, our footprint (less than 5 megabytes), speedy performance (instant, real-time threat evaluation) and community strength (50,000+ users collectively protecting each other) make a very effective antivirus booster-shot if you’re using McAfee already.

Of course, if you’re concerned about social network hygiene and aren’t interested in investing in yearly license renewals (McAfee on Facebook is only free for six months), well, get Immunet Protect today - it’s free and always will be.