Original Web 2.0 Dangers, malware in images


Web 2.0 is the phrase that more or less described the new interactive sites coming online, such as Facebook today, and what is now called Social Engineering. It also referred to new display add-ons for websites, meaning innovation in website designs and applications. Flash format is included. Microsoft Silverlight became one of these new display methods, offering more clarity in graphics. One fairly visible item on many websites now is the Tag Cloud, which displays, as a cloud of search/tag keywords, all the keywords a website uses for its content, to help search engines and visitors.

Perhaps even PHP format can be included https://en.wikipedia.org/wiki/PHP 

NOTE that quality antimalware (antivirus+antispyware) with Real Time Protection (or HIPS) activated protects against these – keep it updated and running 24/7!

Most newer users on the Net just ran with the idea that Web 2.0 meant the new social interfacing applications, like a bunch of chatty-cathys/charlies, completely dismissing security concerns and the actual malware now surfacing in newer website add-ons, embedded content, etc. They will say Web 2.0 Dangers has nothing to do with malware, out of ignorance, or playing ostrich, or duping the public with dumb pills intentionally, as malicious trolls and cyber criminal gum shoes do at places – intentional misinformation to make you their mark. The malware infection in these add-ons pretty much resulted in drive-by infection – simply visiting a website with the malware embedded, and unseen, infects the PC right over the Net.

The bottom line is that in recent years websites have changed a great deal, with more graphical formats, embedded content and add-ons, and security-wise the term Web 2.0 Dangers here generally applies to drive-by infection at a website (malicious by intent or hacked), as opposed to infection through email attachments, bad software downloads laced with malware, being duped into clicking some bad link online, etc.

A newer, rare event as part of Web 2.0 Dangers is actually getting infected while playing a movie online in an embedded player – malware encoded in the movie infects the PC.
EXAMPLES…
How to Fix a Flash Virus | eHow.com
http://www.ehow.com/how_5998536_fix-flash-virus.html

How Movie Files Can Become The Source Of Malware Attacks
Lifehacker Australia
Apple’s latest security update for Mac OS X includes a series of patches to Quicktime designed to stop the movie playback software from being exploited to launch a malicious attack…..
http://www.lifehacker.com.au/2013/07/how-movie-files-can-become-the-source-of-malware-attacks/

———->
An actual real, amateur forensics I performed for a friend infected this way
HERE…
Forensics: “Unknown Flash Movie Virus”
http://bluecollarpc.us/2013/05/07/forensics-unknown-flash-movie-virus/
By bluecollarpc – Last updated: Tuesday, May 7, 2013

I saw this new article (below) and realized immediately what has been discovered. Below is a copy of the post to our Help and Alerts Group…  http://tech.groups.yahoo.com/group/BlueCollarPCSecurity/
Web 2.0 Danger Discovery – Malware hid in image exif metadata     
Posted By: bluecollarpc
Thu Jul 25, 2013 11:39
http://tech.groups.yahoo.com/group/BlueCollarPCSecurity/message/3234
 
Malware hid in image exif metadata
SC Magazine Australia
Sucuri researcher Peter Gramantik found the compromised but working images on a small number of sites. He said attackers had preserved the image by storing malware within the image exif metadata, which contained time and geo location information.
http://www.scmagazine.com.au/News/350928,malware-hid-in-image-exif-metadata.aspx

BlueCollarPC.US Writes;
THIS mentioned….
New virus first to infect Macromedia Flash (January 8, 2002)
http://news.cnet.com/New-virus-first-to-infect-Macromedia-Flash/2100-1023_3-803829.html
IS ACTUALLY one of first in WEB 2.0 DANGERS concerning embedded add on
media in websites. The malware dangers of these are generally not added
or spoken about in general Web 2.0 conversations BUT are that
security-wise integral part of WEB 2.0 DANGERS as a coined phrase that
generally now calls to mind Social Engineering etc. as concerning
interactive applications online as Facebook. The absence of malware in
Web 2.0 Dangers is generally due to the ignorance or playing ostrich of
the speaker.

Web 2.0 – Wikipedia, the free encyclopedia
The term “Web 2.0” refers to a perceived second generation of web
development and design, that aims to facilitate communication, secure
information sharing, …
http://en.wikipedia.org/wiki/Web_2.0

ALSO MAY APPLY

Network Forensics
http://www.techopedia.com/definition/16122/network-forensics?utm_campaign=newsletter&utm_medium=tod&utm_source=07182013
What does it mean?
Network forensics refers to investigations that obtain and analyze
information about a network or network events. It is a specialized
category within the more general field of digital forensics, which
applies to all kinds of IT data investigations. Typically, the phrase
network forensics refers to the specific network analysis that follows
security attacks or other types of cybercrimes.

In an Amateur Forensics I performed, several years ago now as a classic, I had discovered an apparent plasma text virus embedded in a .Gif Image. The full payload was a full blown botnet infection of the Windows XP Desktop….
http://bluecollarpc.us/forensics/
JUMP TO:
“(((PROLOUGE)))
NOW DISCLOSED…… APPARENT ATTEMPT TO INFECT PLASMA SERVERS AS WELL…. Optical buffer http://en.wikipedia.org/wiki/Optical_buffer
NON Sample – http://www.sun.com/customers/servers/pppl.xml

— SENDER: gerald309
Webmaster: Malware Removal/Amateur Forensics
HOME http://bluecollarpc.us/
Alternate https://sites.google.com/site/pcsecurityhelper/
HELP http://tech.groups.yahoo.com/group/BlueCollarPCSecurity/
Membership/Join List:
Subscribe: BlueCollarPCSecurity-subscribe@yahoogroups.com
Free Malware Removal Help / A Community Website Since 2005
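
Added example (not part of the original post or of the SC Magazine/Sucuri report): a defender-side check for the “Malware hid in image exif metadata” item above. It walks a JPEG's header segments, pulls out the Exif (APP1) block and flags script-like strings in it; the pattern list and the two sample images are constructed for illustration.

```python
import re
import struct

# Heuristic indicators of script code in metadata; illustrative, not from the report.
SUSPICIOUS = {
    "php_open_tag": rb"<\?php",
    "eval_call": rb"eval\s*\(",
    "base64_decode_call": rb"base64_decode\s*\(",
    "script_tag": rb"<script",
}

def exif_segments(jpeg: bytes):
    """Yield the payload of every APP1/Exif segment found before the image data."""
    if jpeg[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG (missing SOI marker)")
    pos = 2
    while pos + 4 <= len(jpeg):
        if jpeg[pos] != 0xFF:
            raise ValueError(f"bad marker at offset {pos}")
        marker = jpeg[pos + 1]
        if marker in (0xDA, 0xD9):  # start of scan / end of image: headers are over
            return
        (length,) = struct.unpack(">H", jpeg[pos + 2:pos + 4])
        if length < 2 or pos + 2 + length > len(jpeg):
            raise ValueError("truncated or malformed segment")
        payload = jpeg[pos + 4:pos + 2 + length]
        if marker == 0xE1 and payload.startswith(b"Exif\x00\x00"):
            yield payload
        pos += 2 + length

def scan_jpeg(jpeg: bytes):
    """Return the sorted names of suspicious patterns seen in Exif metadata."""
    hits = set()
    for payload in exif_segments(jpeg):
        for name, pattern in SUSPICIOUS.items():
            if re.search(pattern, payload, re.IGNORECASE):
                hits.add(name)
    return sorted(hits)

def _segment(marker: int, payload: bytes) -> bytes:
    """Frame a payload as a JPEG segment (length field counts its own 2 bytes)."""
    return b"\xff" + bytes([marker]) + struct.pack(">H", len(payload) + 2) + payload

# Constructed samples: bare JPEG framing, not real photos and not real malware.
CLEAN = b"\xff\xd8" + _segment(0xE1, b"Exif\x00\x00Canon\x00EOS 5D\x00") + b"\xff\xd9"
_FIELD = b"Exif\x00\x00Make\x00eval(base64_decode('ZWNobyAxOw=='));\x00"
TAINTED = b"\xff\xd8" + _segment(0xE1, _FIELD) + b"\xff\xd9"

if __name__ == "__main__":
    for label, image in (("clean", CLEAN), ("tainted", TAINTED)):
        print(label, scan_jpeg(image))
```

A hit is a reason to inspect the file and the site serving it, not proof of infection; the image still displays normally either way, which is why a metadata check is needed at all.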


Choose InPrivate Browsing, Incognito mode, disallows web browsing activity stored

Choose InPrivate Browsing or Incognito browser mode, which keeps web browsing activity from being stored. We will discuss why this is extremely important on today’s insecure World Wide Web, given malware, hackers, account break-ins, etc.
 
InPrivate Browsing – Microsoft Windows – Windows – Microsoft
Learn how Internet Explorer 9 helps keep your browsing activity private.
Keep your information to yourself with InPrivate Browsing
Sometimes you don’t want to leave a trace of your web browsing activity on your computer. Whether it’s shopping for a gift on a shared PC or checking an account at an Internet café, you don’t want to leave any evidence of your browsing or search history for others to see.
InPrivate Browsing helps prevent your browsing history, temporary Internet files, form data, cookies, and user names and passwords from being retained by the browser. You can start InPrivate Browsing from the Safety menu, by pressing Ctrl+Shift+P, or from the New Tab page. Internet Explorer will launch a new browser session that won’t keep any information about webpages you visit or searches you perform. Closing the browser window will end your InPrivate Browsing session.
 
Private Browsing (Choose Firefox Setting)- Browse the web without saving information
When using a shared computer, Private Browsing is great for viewing websites without saving stuff like cookies, temp files and a history of the pages you visit.
 
Incognito mode (browse in private) – Chrome Help
Incognito mode (browse in private). For times when you want to browse in stealth mode, Google Chrome offers the incognito browsing mode.
 
Privacy mode – Wikipedia, the free encyclopedia
Privacy mode or “private browsing”, sometimes informally referred to as “porn mode”, is a term that refers to privacy features in some web browsers. Historically speaking, web browsers store information such as browsing history, images, videos and text within cache. In contrast, privacy mode can be enabled so that the browser does not store this information for selected browsing sessions.
 
Netbooks: Reading about netbooks and found the Temporary Internet Files areas actually tear up usage on netbooks as far as even slightly diminishing life of product. So for netbooks it is ALWAYS best to use In Private Browsing / Incognito etc. Netbooks as meaning PCs with Solid State Drives as opposed to regular Desktops, Notebooks, and Laptops with conventional physical computer Disk Drives. Basically was saying (looking for link) this burns up memory components just a tad faster on SSD (solid state drives) I guess which includes desktop models as ThinkPad ?
 
You can view here our discussion http://tech.groups.yahoo.com/group/Windows_Vista/message/3949 which began with the question “Where do I find the Temporary Internet Files folder in Windows?”
 
One of the ways I found it back in the XP years was running a Disk Clean Up. When that finished and popped up the panel to choose what to clean up – it also had the click to View These Files, which was the Temporary Internet Files. That was way back in the XP years like 2001-2 when the very, very first adware and spyware threats were being discovered. You can see like all the little picture icons and images from pages visited, cookies files, other graphics images, and on and on. Point was that spyware could see these that easy too. They could now put together the plan for the ID/Card Theft route by seeing financial sites visited and so on. Original form of what today is called Social Engineering – whereby today unfortunately too many times, chatty-cathys/freds just blurp out all the information publicly like at Facebook etc etc etc. OMG!
 
TRY: – open IE (Internet Explorer) and click Tools > Internet Options > General tab > Settings > View Files ….. there they are.
 
NOTE If you click View Objects – there would be what is called Downloaded Program Files which was an age old malware haunt whereby you might find a maliciously used ActiveX item that would/could have correlating files and keys in Windows\System32 and the Registry. Generally from a trojan. If there were items there, these can be identified by right clicking Properties (will not cause execution of malware) and if they are not familiar items with descriptions such as like Java stuff and other valid programs like Yahoo Messenger, etc, ActiveX items – then they would generally have no identifiable information. I caught two of them in my lifetime, one which was uniquely discovered with a correlating System32 file (DLL library) but also with the Transparency display coding written in for display, and was “invisible” in a toolbar installed which was actually a malware toolbar. It was redirecting to sites not chosen etc etc etc. Culprit discovered. Invisible BHO type item (Browser Helper Object). In reality it “appeared” as an additional transparent (virtually invisible) radio button on the toolbar but was actually a control type object of a trojan package. SEE http://en.wikipedia.org/wiki/Radio_button
 
By habit I have learned to delete all these (Temporary Internet Files) actually each time the browser is closed (Internet Explorer), and even check Don’t Store any of this on other browsers. This area is the Windows “magic” for speed whereby it stores mostly many of the graphics items from a website in the temporary internet files and when the site is visited again, while the page is loading, it puts up those images already downloaded rather than taking the time to download them again, which made displaying the website faster. In effect the PC is used as a server in some degree. Of course this is as archaic as Dial Up days, but is still useful because there are still many areas where dial up is all that is available – no broadband/dsl yet. So if not on dial up, I recommend to delete all these all the time, every time the browser closes. You can do that with Internet Explorer here…..
 
Open IE (Internet Explorer) > Click Tools > Internet Options > click Advanced tab > Scroll down towards bottom and check Empty Temporary Internet Files When Browser Is Closed > click Apply  to save changes and click Okay to close panel. Done.
 
TIP: Too many users get used to clicking the Stay Signed In to keep the cookies etc to just enter a sign in type website like Yahoo Groups here for instance. That is available just about everywhere you need to be signed in to participate even like financial sites (pay bills etc). In about the last 18 months, cyber criminals are now breaking into systems right through stored cookies in the system. They were breaking into Facebook accounts this way with botnets and other malware payloads. So nowadays it is simply recommended to NEVER store cookies on the computer anywhere, and of course where possible to never even store any type of Internet Temporary Files which includes Java temporary internet files (access settings by double clicking Java icon at Start > Control Panel > Java) .
You can do much of that by using InPrivate Browsing when opening IE and choose that as default with Firefox. Other browsers, similar settings. You just tweak all these little ditty security settings. The point is to attempt to protect against data loss in the event of malware successfully infecting the system. Any and all of these and much more is compromised within seconds. So it is safeguarding as much as possible to completely minimize information retrieved by an infection. Even the best of the best antimalware products will tell you they are not perfect. Malware can get past the best in the world. Be Prepared.
 
TIP: …the other related tip here is to, again, open IE and Internet Options. On the General tab on the panel it has the check box for “Delete Browser History On Exit”. You check this AND the one at the Advanced tab also. BUT – Microsoft has shipped the system since the beginning with the least amount of these default settings on. Stupid from them. They ship the system with like 1,000 settings any user can use for what they wish to use their PC for. Way back users would complain – like going back to Windows 95 and even earlier. They wanted things totally untouched to set things up the way they wanted. But they did not have today’s malware threats or even dream of them yet – so, stone age days.
 
Clicking “Delete Browser History On Exit” / Apply on the General tab – THEN click DELETE…. it will not do anything yet, but presents check boxes for what you want to delete each time the browser closes, or for a manual deletion from time to time, according to the preference settings employed. HERE is that Microsoft default now where they go the other way AGAINST security and by default have “Preserve Favorite Websites data” checked – which will NOT delete those saved cookies for “Keep signed in at this site” etc. You uncheck that as one of the security minded tweaks in settings across the board. It should be worth the extra second to manually sign in each time, and if remembering passwords is a problem perhaps a secure trusted Password Manager utility software will serve as “Keep Signed In To This Website”. The other side is if they hack in to the PC and websites are already logged into – well there you are. They can go right into all accounts WITHOUT passwords!
 
TRY …. (for a simple click to do all this) …
 
CCleaner – CCleaner supports the cleaning of temporary and unneeded files from certain …
(very popular, safe, freeware/donate)
 
ADD FOR FIREFOX…. BetterPrivacy :: Add-ons for Firefox https://addons.mozilla.org/en-US/firefox/addon/6623
Customize Firefox, Thunderbird, and other Mozilla products with thousands of … Better Privacy serves to protect against not deletable longterm cookies ….deletes flash cookies that none others generally delete. Cookies should only be given session cookies permissions as a privacy and security issue (cookies have been broken into by malwares) and only if necessary.
 
 