Virtual social network - new hacker 'gold mine'

Facebook is not only popular with users and marketers. Currently, hackers are looking for vulnerabilities in the JavaScript programming language, then implant malicious code on profiles of this popular social networking site, and other competing services.

Once these cyber scammers break into a profile, they can steal data and control the victim's computer remotely, spreading a lot of software containing malicious code, spam and attacks. phishing.

Last week, Sophos, a computer security firm, detailed an attack in which messages were posted on Facebook users' pages, inviting them to watch a video allegedly belonging to a Google website. But when clicking on the link, the victim will be redirected to a website containing malware.

' It's like a normal message from my friend ' quoted Gil Demeter, 23, an analyst with an investment bank in San Francisco, one of Facebook's 80 million users.

The malicious code entered Gil's mailbox and spread the same message to 200 of his Facebook friends. These messages were also sent to you by these 200 people and so on, Demeter said.

' If you don't have an appropriate antivirus program, that will be the problem, ' Demeter said. He then contacted Facebook and quickly changed his password.

Photo: Crunchgear Although Facebook immediately solved the problem, millions of people using this social network - those who send and share personal information - should be careful and cautious. The spread of malware on social networking sites has increased rapidly over the past year, said Jeremiah Grossman, senior technology officer at WhiteHat Security.

Since millions of people post and share personal information on Facebook, MySpace and other social networking sites, computer intruders can extend attacks from operating systems such as Microsoft Windows, and software applications such as Apple's iTunes.

The large-scale attack last week could be a sign for many more to come, experts say.

'Internet scammers want a solid position in your computer, ' Grossman said. ' Find a way to access your personal information is the next step '.

This prompted security experts at Facebook, MySpace and other sites to act quickly. Facebook corrected the error as soon as it was notified. Max Kelly, head of Facebook's security division, said: Less than 0.002% of Facebook users are infected - and all have been notified and instructed how to remove malware.

' If the user sees something wrong, tell us, ' Kelly said.

Every month, about 7 potential risks are reported by security researchers to Facebook. Once reported, the site will use a variety of high-tech tools to remove fake messages and trace their origins, Kelly said.

Facebook regularly posts instructions to avoid spam and phishing. MySpace, the worm victim in 2005, uses a group of security technologies, alert systems, tutorials and security tips to protect 117 million monthly users - Hemanshu Nigam, Senior security staff said.

' The important thing is the collaboration between technology companies, law enforcement and researchers ' Nigam said.

This will help many system administrators. Many of them are concerned about security risks between employees - social network users, according to a Symantec report released later this week.

One in four network administrators decides to block social networking in their network. 2 out of 3 others admitted that the company has no regulations on social networks.

' That's the problem, but it's hard to find a possible solution, ' said Kevin Haley, director of Symantec Security Response.

' Companies can prohibit employees from using social networks at work but can't ban them when they're at home, ' Haley said. ' They can download malware at home and then bring it to the office .'