Do not make micro bo into hackers "poisoned" new channels

With nearly 200 million Weibo users, China has become not only the first country of netizens, but also the most likely to be the first power of Weibo. But a short 140 words of a micro-blog, its security can be compared to mobile phone messages?

The most recent security incident in the history of Weibo has been in the US, the birthplace of Weibo, and on Twitter, the originator of Weibo. Hackers seem to be declaring in various forms, finding new "channels" in the microblog world.

"Obama is dead" shocked America's network

"Obama was shot twice in a restaurant in love Owatonna state," The news said: "Obama is Dead" ... The official microblog of the famous media Fox News has recently launched a series of false news of "The assassination of US President Barack Obama", which shocked the entire American network and caused international influence. Originally, "Fox" in the microblogging site "Twitter" on the registered account of hackers attacked, and was usurped the "say", so its microblog page became a rumor to spread the source.

The incident caused a high level of vigilance on the domestic network security quotient. 360 security experts said that the main way for hackers to attack Twitter accounts is "XSS vulnerability attacks." Popularly speaking, the hacker first sends the malicious link through the comment, the letters and so on to the target account which the attack, once the opposite party clicks the link to trigger the loophole, the hacker can carry on the arbitrary operation like the account owner, even then sends the malicious link mass to the related netizen, causes the number of the recruit accounts to increase

Experts predict that with the gradual increase in the impact of micro-blogging, hackers will be increasingly active in attacks on users of micro-blogging, especially professional institutions, network celebrities, "opinion leader" and so many fans of the micro-blog accounts, a slight carelessness may be in the short term to form a serious negative impact.

Phishing website Weibo frequently "advertise"

Domestic microblogging has also appeared some security vulnerabilities. Less than one months ago, the Sina Weibo "widespread poisoning" news spread on the internet. Users "poisoned" in a short period of time to their friends automatically send a large number of links, such as "Guo Meimei incident some unnoticed details", a 3D film "high-definition Mandarin version Download" And so have "attractive" content. Results spread, wildfire, more than 30,000 users in one hour forwarding.

Sina Weibo has since been quick to fix loopholes and plug the tunnel. After technical verification, this is actually a use of web page security vulnerabilities and spread the "micro-bo Worm", belonging to the hacker prank behavior. But if these links are embedded in executable malicious programs, then once clicked, they are really poisoned.

At the same time, with the rise of micro-blogging, some have to text messages, chat tools as the main carrier of the phishing website frequently on Weibo "advertising", the camouflage is still "you won the lottery."

Reporters in the microblogging site to "jackpot" for the keyword search, the result is up to hundreds of pages. Casually open one, is the lawless elements through forwarding, reply, and other means, notify the blogger jackpot, prizes for the iphone, ipad, etc., and the so-called active Web site and verification code and other information. Security engineers, in fact, these sites are pointing to phishing sites, requiring users to log in and pay "fees" and so on, waiting to steal the card number password. "Don't enter at random, or you'll be safe." ”

User platform Security quotient "BLACK"

In the first half of this year, the number of Chinese microblogging users grew from 63.11 million to 195 million and a half year growth of 208.9%, according to a report on China's Internet Development statistics published recently. In the ascendant, the domestic micro-blog, in only half a year to achieve the original forecast for the 2011 year of user size. It has the basic attributes of social network, with ultra-high mass communication efficiency, popular with netizens at the same time, but also naturally become hackers will not let go of the "poisoning" channel. At present, its security issues become a systematic project, client, platform, Third-party security, etc. are difficult to protect themselves, but also to "play black."

To micro-bo everywhere on the false winning information, for example, Sina and other micro-BO platform to strengthen the "winning microblogging" of the automatic shielding and removal, 360 and other security platforms also opened a winning scam information or phishing links online report. But at the same time, this kind of false micro Bo and more "Martian" and other symbols mixed into, or remove the "www" in the Web site to avoid being filtered by the system. Therefore, microblogging users need to enhance vigilance, pay attention to distinguish these forms of characteristics, because the official information will not be published in irregular text.

"Weibo security has given the Internet security vendors a new problem." "360 of microblogging guardian developers said that the domestic professional micro-blogging security products are rare, these" black "tools should be the standard configuration of security software.

Original link: http://tech.qq.com/a/20110731/000122.htm

(Responsible editor: admin)