According to a report released by Websense Security Labs, recently, spammers have used a combination of different Google Web 2.0 services to carry out a range of attacks.
Spammers are creating bogus accounts on YouTube and Blogspot to promote their services, abusing both services. The bogus accounts on YouTube advertise multiple videos of same theme with 'inappropriate' content, clearly abusing the terms and conditions of YouTube services.
The profiles of these bogus accounts on YouTube advertise the bogus Blogspot accounts, which act as doorway pages to spam domains. These bogus Blogger accounts make up a set of interlinked spam blogs or splogs, forming a splogospere aiming to promote the actual spam domain, clearly abusing the terms and conditions of Blogger services.
Security issues are bound to arise when users are given privileges such as content creation, direct HTML editing, or uploading files and content distribution. These capabilities are being abused by spammers and malware authors to carry out various attacks, which pose a direct threat to Web 2.0 functionality. While continuous efforts are made by various Web 2.0 service providers to combat the abuse of their services, the spammers, phishers and malware authors carry out various attacks over them, proving their adaptability, which can be clearly seen as an iterative cycle in the email, Web and Web 2.0 security arena.
Additional details and information can be obtained here.
Community Comments