1/28/2010 3:50:00 PM

Hackers use a Facebook hoax to plant Rogue Antimalware

by Oren Medini

Hackers are spreading a rumor about Facebook that describes it as a botnet, and are using the rumor to infect Facebook users with rogue anti-malware.

In the last 48 hours a rumor spread claiming that an “unnamed app” in Facebook is actually a bot Trojan. The rumor was a hoax, and hackers used it to distribute malicious fake antivirus software (rogue anti-malware). People who Googled “unnamed app” received links to sites which pose as security sites but are actually fake antivirus traps – rogue anti-malware sites.

Please be aware.

Malweb | Hackers | Web-based Trojans

1/26/2010 6:43:00 PM

Johnny Depp fake death notice - fake ActiveX codec

by Oren Medini

On Jan 25 hackers spread a rumor claiming Johnny Depp died in a car accident. It was like a fire in a field of thorns: Twitter messages were sent talking about the rumor and gossip websites crashed. When people tried to find more information about the death of the actor using Google, some of the results led to websites containing a video of the car crash. The problem is that when you try to watch the video you receive a message saying you don't have a supported codec and need to download one in order to watch it. The so-called codec is actually a Trojan.

Here is a screenshot of the fake CNN page uploaded to the Angelfire website, from the Sky News website: http://tinyurl.com/yh7dsdz

Watch out for rumors!

Malweb | Hackers | Web-based Trojans

1/25/2010 4:20:00 PM

Top 10 Chinese cyber attacks

by Oren Medini

The malicious activity that comes from Chinese servers has been known for a long time. In many cases we see Chinese servers used by bots that are being spread over the web. Most of these bots are propagated in order to steal identities and information, install backdoors, etc.

But there is also other activity: unlike these bots, which are operated by hackers, there is also a cyber-war.

We know that countries use hacking techniques to spy on other countries, and that security organizations employ hackers to penetrate other countries' servers. From the Google incident in China we now know something that was clear to everybody – Big Brother is watching you.

The “Foreign Policy” web site (http://www.foreignpolicy.com/) published a very interesting article that reviews the top 10 Chinese cyber attacks (that we know of) against US government sites:

http://thecable.foreignpolicy.com/posts/2010/01/22/the_top_10_chinese_cyber_attacks_that_we_know_of

Malweb | Hackers | Web-based Trojans | eCrime

1/21/2010 12:57:00 PM

Out-of-band patch for the Aurora exploit will be released today by Microsoft

by Oren Medini

Many words have been written about the new IE zero-day vulnerability which was used in the China attack. Microsoft will release a patch today to fix the Aurora vulnerability. I recommend updating Windows with the new patch.

Please note that we have checked all the Aurora exploit samples we received and they are all being detected by eSafe.

More from the MS site: http://www.microsoft.com/technet/security/bulletin/ms10-jan.mspx

Malweb | Hackers | Vulnerabilities

1/18/2010 12:45:00 PM

Google vs. China - Round 1

by Oren Medini

 

The Google-China relationship has been the subject of many recent articles and debates in the media. Across the globe, thousands have protested against Google, claiming that the renowned web browser is lending a hand to the trampling of human rights in China by allowing the Chinese government to filter search results.

Last Tuesday Google announced that it was considering exiting the Chinese market as the result of a sophisticated online attack targeted at Google systems – especially Gmail – in order to penetrate the accounts of pro-democracy activists in China.

In the beginning, the assumption was that the hackers (reported by some as being funded by the Chinese government) used a zero-day Adobe Acrobat Reader vulnerability. However, according to McAfee, there is evidence that they used a new IE zero-day vulnerability instead.
More information about the IE zero-day vulnerability can be found here:
http://www.microsoft.com/technet/security/advisory/979352.mspx

Link to the Adobe blog post referring to the attack:
http://blogs.adobe.com/conversations/2010/01/adobe_investigates_corporate_n.html

It will be interesting to see if Google will carry out its threat to leave the Chinese market. My bet is that it won’t.

In the meantime, it is important to note that eSafe customers are protected against both exploits – the Adobe Acrobat exploit and the new IE zero-day exploit.

 

Hackers | Vulnerabilities | Online Fraud | eCrime