Posted tagged ‘images’

Adobe Fixes Clickjacking Flaw in Flash

October 21, 2011

As you probably know, clickjackers often use Adobe Flash to highjack computer cameras. This allows them to see into your home, take pictures, and pretty much spy on anyone in the world with an Internet connection. Your best defense: a piece of tape placed strategically over your camera. You can’t go wrong with the analog solution. Of course, then you have to find a way to deal with the clickjack that activates your computer’s microphone as well as your webcam. Those tricky scam artists are always one step ahead of decent folk.

Adobe has announced, however, that it has fixed the flaw in Flash that allowed clickjackers to activate microphones and webcams.

Before the latest Flash update, clickjackers could have their way with your computer by luring you into a simple trap. Often in the form of a game, the scammers just had to convince you to click an invisible frame on your screen. That would activate Flash’s manager and allow them to take control.

Obviously this is a good thing for anyone concerned about computer security. You kind of have to wonder how many unsavory online photographs were taken without permission. A quick clickjack, a little Photoshop, and boom! You’ve got yourself a male enhancement ad.

Of course, this might bum a few people out. After all, the Internet was obviously designed to collect naked photographs of every person in the world. Now that Adobe has managed to improve its software, how will humanity ever reach such a lofty goal?

 

 

Mundolike Clickjack – Me No Like

April 8, 2011

Beware of a new clickjacking attack spreading through Facebook. This one spreads like so many other clickjacks: through user wall posts. This particular attack is recognizable by the post “Usted debe ver esta pelĂ­cula! x.mundolike.com” along with a lude picture meant to convince you to follow the link. When you follow the link, it directs you to a page on mundolike.com that contains a video. There’s nothing sexy about it, though. When you click play, you get a video of a prank that involves throwing mannequin heads at unsuspecting people. It’s not even funny.

What else do you get?

Our old friend the clickjack. The video’s play button covers a Facebook”like” button. When you press play, you spread the clickjack through your Facebook wall by unintentionally posting the link.

This clickjack could trick you even if you sign out of Facebook before visiting the mundolike page. If you have signed out, then the page will redirect you to the standard Facebook log in page. When you sign in, it automatically posts the clickjack to your wall.

So much for trying to outsmart this clickjack.

It doesn’t seem that anything truly malicious happens when you fall for this scam. It just makes a fool out of you by using your wall to spread to other people. Some clickjack attacks, however, steal passwords and other private information. You can’t be too careful. If you have fallen victim to this clickjack attack, then remove it from your wall and change your password to make sure your account is safe.