Web 2.0 applications have become increasingly popular among Internet users in the past few years. This trend is very unlikely to come to an end soon. More and more 'classic' websites are shifting towards web 2.0 concepts, start-ups are all about web 2.0 and new users are adopting the web 2.0 lifestyle every day.
This paper aims to address the following questions:
What exactly is web 2.0?
What are the concepts and technologies that make web 2.0 what it is?
Why does web 2.0 attract malware authors?
How did malware spread over the Internet before web 2.0?
What are the new attack vectors created by web 2.0 technologies?
What social engineering tactics emerge over the web 2.0 concepts?
How dangerous is the combination of human & technological vulnerabilities?
Are web 2.0 attacks more efficient?
How difficult is it to protect ourselves?
How are web 2.0 threats going to evolve?
Web 2.0 applications are not only being used at home, but also in the corporate environment. The new attack vectors are raising the stakes, both for malware authors and security professionals. The user is somewhere in between the two sides, unwittingly helping the attackers while also suffering from the attacks.