U'VE BEEN WARNED!!!
Security experts warn of yet another threat on the social network
Security experts are warning of a
clickjacking worm spreading via Facebook
which tricks users into posting it on their status updates, although it
does not
appear to be malicious.
According to F-Secure chief research officer Mikko Hyponnen, the worm posts the following message: "try not to laugh xD http://www.fbhole. com/omg/allow.php?s=a&r=[random number]". Clicking on the link takes users to another page which displays a fake error message.
According to F-Secure chief research officer Mikko Hyponnen, the worm posts the following message: "try not to laugh xD http://www.fbhole. com/omg/allow.php?s=a&r=[random number]". Clicking on the link takes users to another page which displays a fake error message.
“If you click anywhere on the page, you will trigger a
script that will try
to post the same message to your Facebook wall,” Hyponnen explained in a
blog
post.
“This is done with an invisible iframe that follows your mouse around — causing you to click on an invisible ‘publish’ button. In addition to the wall message post, nothing else happens.”
Hyponnen added that the worm is “spreading like wildfire” with the domain referenced in the link, fbhole.com, pointing to an IP address in the Czech Republic.
“This is done with an invisible iframe that follows your mouse around — causing you to click on an invisible ‘publish’ button. In addition to the wall message post, nothing else happens.”
Hyponnen added that the worm is “spreading like wildfire” with the domain referenced in the link, fbhole.com, pointing to an IP address in the Czech Republic.
Sophos senior technology consultant Graham
Cluley added that thankfully the
worm seems to have been motivated out of mischief rather than a desire
to make
money.
“Should we be surprised by this latest attack via Facebook? I don't think so,” he continued in a blog post.
“One of the key findings of Sophos's 2010 Threat Report was about the astonishing 70 per cent rise in reports of malware attacks via social networks. Facebook, in particular, was named the riskiest of the social networks by survey respondents.”
“Should we be surprised by this latest attack via Facebook? I don't think so,” he continued in a blog post.
“One of the key findings of Sophos's 2010 Threat Report was about the astonishing 70 per cent rise in reports of malware attacks via social networks. Facebook, in particular, was named the riskiest of the social networks by survey respondents.”