Is Facebook the next target?

Nearly a month ago, a group tweeted a message encouraging people to visit a Pirate Bay Web page and to watch a Youtube video which publicly announced an attack on Facebook on November 5th. The user that posted this tweet was by a group called “Anonymous” and the group’s channel (along with the video threat they posted) was removed from Youtube.

So what are some ways Facebook could get hacked? In 2009, Facebook was attacked by a massive distributed denial of service (DDoS) attack. Facebook services weren’t damaged too badly and their engineers believe that a successful attack against Facebook servers would require a botnet so large that it would be traceable. Another avenue of attack (that may not be so devastating to Facebook operations and servers) would be to steal people’s accounts, set up fake accounts, and linking people to malicious websites. While this doesn’t directly hurt Facebook’s servers, it can definitely hurt the Facebook community because for every successful hacked account, the hackers gain more ways they can hack even more people (ex. Your friend posts on your wall saying to “Look at this awesome website” and its a link to a malicious site). Ways that hackers generally try to steal accounts is by spear phishing, exploiting a zero-day vulnerability, and by guessing weak passwords. So, rather than a direct attack on Facebook on November 5th, “Anonymous” might just upload some malicious code to hacked Facebook accounts to steal even more accounts.

Also, according to experts, if “Anonymous” or any other group were to successfully hack Facebook, they would most likely not go for user information, but rather company information so they can break into Facebook again. But, we have yet to see what “Anonymous” can do…


DNS Hack Leaves Hundreds of Thousands Vulnerable

On September forth it was reported that a “number of major sites have suffered as a result of a DNS hack. The DNS hacked either brought down sites or redirected the traffic to  a page set up by the Turkish hackers themselves. Although the hackers didn’t do this hypothetically someone could use this type of hack to redirect users to their own site increasing the number of hits on their site. This could eventually lead to a profit if the person who owns the site had advertisements on it, just a thought for thinking. Back to the article. These site such as either restored their service rather quickly, or in some cases had to wait up to 72 hours to propagate new settings, this all of course depending on the DNS system itself. “This turkish group broke into korean sites including those of Epson and HSBC, after domain registrar Gabia was hacked exposing over 100,000 domains and an estimated 350,000 users.” This hack although taking much skill also reaps a greater benefit by giving the hackers hundreds of thousands of users that are now vulnerable to further attacks and possible identity theft.