Facebook is huge with more than 550 million registered users. It is also
fertile ground for malware authors and crackers who want to wreak havoc
on the rich and famous and the every day user.

Public Access

A user may want to take advantage of the many public wi-fi networks available
across the country. It can even be a secure wireless network. As you connect,
the attacker can execute a well known 'man-in-the-middle' session hijacking
attack, intercepting your HTTP traffic and extracting your session cookie.

This is a legacy attack which gained popularity once again last year when
a developer released a Firefox extension making the process extremely easy.

Congressional Lawmakers and staff found out earlier this month how effective
this old attack is as a number of the members from the state of Missouri had
their Facebook accounts hacked. Their System Administrators are probably
educating them on the benefits of using HTTPS instead of HTTP (on Sites that
support it) to protect against session hijacking.

Facebook recently introduced an account security setting that makes
full-session HTTPS persistent over sessions. However, most applications and
the chat feature do not work over such connections because they load external
content. The best solution is to use a secure VPN (Virtual Private Network)
tunnel when connecting through any open wireless network.

Spam

According to PandaLabs researchers, a user receives an unsolicited email (with
a Trojan (Asprox.N) tucked inside) advising them that their Facebook account
is being used to send spam. The trick is that if you follow the directions,
which include clicking on the false document containing your new password,
your PC or mobile device is infected and becomes a vehicle for distributing
spam.

Luis Corrons, technical director for PandaLabs, in a security advisory, said
the email attachment's unusual Word icon is actually a Trojan, identified
as Facebook_details.exe, that then downloads a .doc file to convince victims
the promised Word files is actually opening.
 
"The Trojan, when run, downloads another file designed to open all available
ports, connecting to various mail service providers in an attempt to spam
as many users as possible," he said.

ID Theft

The ID Theft threat, which is being spread across MSN and Yahoo instant
messaging apps, displays a malicious link that, if clicked, infects users'
computers or mobile devices with the Lolbot.Q worm.
 
Once the worm has installed and victims attempt to log in to Facebook, a
message pops up informing users that their account has been suspended and,
in order to reactive their account, they must fill out a questionnaire
offering for a chance to win a new laptop or iPad.

Victims are then prompted to enter their cell phone number from which they're
told they will receive data download credits for a fee. Once they complete what
amounts to a comprehensive phishing database, they're told they'll then
receive a password to resume access to their Facebook accounts.

Phishing Attack
 
In March, another socially engineered phishing attack plagued Facebook users,
warning users that their accounts had been reset. When victims clicked on the
malicious attachment to which they were directed, a phishing agent was
installed and immediately snared all the usernames and passwords -- including
those for online banking accounts-- saved on the computer or mobile device.

Consumers need to get more active about securing their devices and data from
possible exposure on Facebook, Twitter and other social networking sites. The
popularity of the social networking medium has increased its use as a venue
to lure potential victims.
 
Malware attacks against Facebook, Twitter and other social networking sites
are becoming the new standard. Facebook is the new Microsoft of this medium.
Attacks against Facebook, Twitter and the other social mediums are manufactured
weekly and the end is not in sight. The best thing any user can do is at least
lock down your settings on OpenDNS' most blacklisted and most whitelisted
website.

     1. Go to Facebook.com. Click on the drop-down "account" menu in the top right
          corner. Drag to "privacy settings." Look under choose your privacy settings.

      2. Look under 'Connecting on Facebook', Click "view settings"

      3. For each of the 7 drop-down menus on the right, click and drag to  " friends only."

      4. Click "Back to Privacy" settings,  and scroll down to Click on "Friends Only"

      5. Scroll down and Click on "Customize Settings".

      6. The 9 drop down menus starting with "posts by me" should be set to "Friends Only"

          Click and drag to "Friends Only" for each

      7. Uncheck Include me in "People Here Now" after I check in We're not done yet.

      8. Set "edit album privacy" to "Friends Only".

      9. Under "Photos and videos I'm tagged in" Click edit settings set to "Friends only".

          uncheck "friends can post on my wall".

    10. Click "Back To Privacy" to go back on the Privacy Settings page. There, click
          "Friends, Tags and Connections"

    11. Select "only friends" in all 10 drop-down menus

    12. Click "Back To Privacy" to go back on the Privacy Settings page. There, click
          "Applications and Websites."

    13. On the top line, click "learn more"

    14. Learn it: When you use Facebook in apps on other Websites, you are giving your
          info to those apps and Web sites.

    15. So let's go back to Applications and Websites and make sure that doesn't happen
          when you don't want it to

    16. Click "edit settings" on the second line, next to "What your friends can share about
          you"

    17. Uncheck every box and click "save changes."

    18. Go back to Applications and Websites

    19. Click on the drop-down menu across from "Activity on Applications and Games
          Dashboards." Select "only friends."

    20. On the last line, click "edit settings" for "Instant Personalization Pilot Program"

    21. Uncheck the check-box. Click confirm.

    22. Click "Applications and Websites."

    23. Click "Back to Privacy." We're still not done.

    24. Click "Search" on the second to last line.

    25. Select "only friends" for "Facebook Search Results"

    26. Uncheck "allow" next to "Public Search Results"

    27. Click "confirm." Sorry, Facebook. This is a total lockdown.

    28. Click "Back To Privacy"

    29. It's time to test your lock down. Click "Personal Information and Posts"

    30. Click "Preview My Profile"

    31. Enter various Facebook users' names to see how each will view your profile.
          We're worried about what "Jay Yarow" can see.

    32. Facebook will show you what your friends can see. If all looks good, then
         congratulations…

    33. Your Facebook profile is on a privacy LOCKDOWN!

One third of all malware (that has ever existed) was created in 2010. Panda labs revealed that
over 55 percent (the largest threat) still comes from trojans. Fake antivirus software (rogueware)
comes in second at 11.6 percent with spyware surprisingly accounting for less than one percent
of malicious software.

The increase is a direct result of an increase in do-it-yourself malware kits available on the
internet that require little (to no) coding skill for novice crackers. These kits circulating around
the internet have forced home users and businesses to deal with an influx of new data-stealing
scams as attacks increase exponentially.

Malware Tools

Kits with names such as MPack, Neosploit, Nukesploit P4ck and Phoenix that
would have cost as much as $15 a kit in 2006 have seen their popularity soar (along with the
cost) in 2011. The Zeus 2.0 kit is now selling for $8000. Symantec researchers have found that
about 61 percent of all web-based threats are generated by these attack took kits.

The Facebook kit which first surfaced in Aug 2010 (and continues to harass the social networking
site) can be purchased anonymously online and gives the buyer the ability to launch numerous
pre-written attacks against specific individuals, companies or social networking platforms.

The attacks come in a variety of forms. Some are old-fashioned spam email campaigns while
others have evolved to complex black hat search engine optimization (SEO) scams or the
injection of malicious code into legitimate websites and banner advertisements.

Astalavista.com

You can now buy anything on eBay (including malware kits). You probably will not find the kits
there as the Homeland Security entities snatch them up as quickly as they are made available.
But the hackers are not going to search in google, they will probably start with astalavista.com
looking for backtracking CD's (for example). Many a novice will learn immediatly it is hazardous
to your system to search hacker sites with a windows box (do it at your own risk). Symantec's
researchers have found more than 310,000 unique, malicious domains (on average) create more
than 4.4 million malicious web pages each month. The bad guys will crack you and big brother is
watching.

This past September, the FBI, the U.S. Secret Service and the New York Police Department
conducted a joint operation which took down a cybercrime syndicate responsible for distributing
a Zeus botnet kit that managed to steal more than $70 million from U.S. customers' online
banking and securities trading accounts over an 18-month period (they drew attention because
the ripped off the rich).
 
The FBI executed a similar bust in July that netted a Slovenian man known as "Iserdo" who was
allegedly responsible for selling variations of a Butterfly botnet kit for between $650 and $2,000
apiece. Those particular kits were especially good at spreading the extraordinarily destructive
Mariposa botnet.
 
Hacker kits in Demand

Meanwhile, demand for attack toolkits has never been higher largely because the hackers who
originally wrote these programs are moving up criminal food chain, realizing that there's more
money -- and less effort -- in distribution than creating new malware themselves.

Companies, consumers and security experts are still playing a never-ending game of catch-up
and the crooks are often miles ahead (These guys are Good). The speed at which these new kits
are sold -- and new kits are created -- makes it impossible to quantify exactly how many people
become new (paint-by-number) hackers each month. They are even becoming sophisticated
enough to customize new attacks with automation and the ability to avoid detection.
 
Attack kits have made it easy for the malicious novice to launch cyberattacks. The attacker no
longer has to create threats from scratch. As a result, malware activity has increased and the
typical user will be victimized at one time or another. In the mean time, security pro's are
working with law enforcement (in an attempt) to shut down some of the big boys.

I had a client bring me a system and tell me he took it to a local Computer Tech who informed
him, "Well, even if BIOS/Setup menu sees the hard drive, it looks like the hard drive is bad
as you when you boot from the Windows / Recovery disk, it does not see the hard drive because
the hard drive is not working...Sorry, you need to replace your drive with a new hard drive to
check". My client did not spend any more money (he paid the $70 diagnostic fee) and brought
the system to me...

The Problem

In the June-July 2010 time frame, Microsoft made a decision to stop support for Windows Vista
(Unless it was patched to SP1 or higher). When this occured, we noted an increase in the
number of systems coming in for repair that were in a constant recycle upon boot. The system
will go to the diagnostic screen but will not boot into safe mode and you can't start recovery
manager. When you bring the system to the startup repair screen, you receive the message,
'startup repair can not repair' (no hard drive). Vista recovery disks and the installation
disks experience the same problem...

MBR Repair

If you are under waranty, some vendors will send you recovery or installation disks...you
typically will not get them when you purchase your system. If you are not under warranty,
they will send them to you for a price ($20 and up for recovery or $68 and up for installation
disks). They will not work to repair this problem anyway.

When the Vista Master Boot Record is wiped out, it prevents a successful boot into the OS.
To remedy this, you are supposed to be able to repair the MBR by booting with a Vista setup
(installation) disk and choosing "Repair your computer" then "Startup Repair."
   
Apparently, when you run Windows update without the required Vista patches, it damages the
boot manager for the OS. When a virus scan is run using VBaRescue (Linux), it reveals several
unknown boot viruses (one in the RTMMBR.bin file). As a result, Vista can not see the hard
drive.

Sight for Sore Eyes

Windows Vista's Aero GUI was certainly a beauty to behold in comparison to previous versions.
It has a polished, Apple-esque appearance that makes XP's default blue and green theme pale
in comparison. That's really all Vista is good for, to put it mildly: a sight for sore eyes. 

Initially many computer vendors began offering downgrades from Vista to XP when buying their
wares (due to all the OS problems). From device incompatibilities to the lofty hardware
requirements needed to run Vista at a decent clip, users were quickly fed up with Microsoft's
shoddy OS.
 

XP Meets SATA
 
If your PC is less than a few years old, your hard drive is probably of the SATA stripe,
which is now the standard. XP hit the scene way before SATA hard drives were even introduced,
so you'll need to to teach XP how to recognize your alien hard drive if you were to attempt
a dual boot back to XP. First, XP would need to be installed first and then Vista and then
you'll need to navigate around your PC's setup program on the BIOS and look for something
like "IDE emulation mode" or something of that nature. If you don't have a SATA drive you
won't need to worry about this.

Many PC users have rejoiced, believing Windows 7 (the improved version of Vista), is superior
to Vista in many respects. Microsoft even considered giving Windows 7 upgrades to Vista
premium users. You dual boot Vista and Windows 7.

Carving Out Two Partitions
 
To dual boot Windows, you'll need to create two partitions on your hard drive, one for Vista
and 7 to reside on. To Windows, a single hard drive containing multiple partitions just looks
like multiple hard drives, representing them as multiple drive letters in Explorer. DiskPart,
included on your Vista install disc, is a program that can repartition hard drives. Carve out
two partitions of at least 20 gigs in size, respectively, allowing enough space for each OS to
live comfortably on. After you've got your partitions in order, format both of them using the
NTFS file system. This is no option when your software can not see a hard drive full of your
precious data.

Saving your Data

You can't go back to XP because many computer vendors have completely made the Vista
switch, so they no longer provide XP drivers for their hardware. You can no longer have your cake
and eat it too with anything less than XP SP3 and Vista SP1.

Dual boot Ubuntu 10.10

Go online and download the Ubuntu iso ( http://www.ubuntu.com/desktop/get-ubuntu/download ).
Burn your CD or create a USB file. Set your boot order for CD or USB respectively as your first
boot device. You can try it out without installing the OS by creating a bootable Live CD or
USB. You will be able to mount the hard drive containing your Vista data and manipulate it
(editing documents, photos, etc). Today you will find you can perform a number of reboots and
surf the net without incident.

With the permission of my clients, I have performed this service and so far, none of them have
expressed a desire to go back to Windows. They have stopped throwing their hard earned cash
into Microsofts coffers with ($200 - 400 bucks a pop) Vista or 7. For a top of the line
Sata or Solid State drive...Linux is the way to go. You can also spend a little more and buy
a MAC with Mac OsX.

All of this while the strange problem with Vista prevents you from seeing the hard disk. All
of this while the Vista Kernel will not load...You will be working. (Knoppix does just as well).