One million Facebook users exposed to Zango worm
By Davey Winder in Editorial
Posted in Blog, Spyware, Facebook, Security, Internet on
Given the popularity of Facebook applications, those annoying widgets which people in your network naturally assume you will be interested in (even though most are banal even by widget standards), it was only a matter of time before the trend was exploited by those with a less than social motive. And so it is that security threat researchers at Fortinet have uncovered a malicious widget which has already found its way onto the computers of 3% of Facebook users - or a million people if your prefer.
The Secret Crush application spreads by Facebook users getting a notification from someone in their network who has already installed the widget, which informs them that one of their friends has the hots for them. The wording is such that suggests it might be the friend who sent the invitation, but the only way to find out is to install the application itself. At this point the plot thickens, because using an escalation of commitment strategy Secret Crush the widget once installed will only reveal the identity of your secret admirer once you have invited another 5 of your friends to install it. According to Fortinet, even after inviting those 5 friends there is no revelation other than an invitation to download a ‘crush calculator’.
Fortinet has examined the page source of the advertising frame that is displayed and discovered it is hosted at zango.com, within the affiliates section. Downloading the application actually leads directly to a copy of Zango, the in famous adware/spyware that used to be known as 180Solutions. Download this and rather than a secret crush you will find yourself being courted by adverts.
Although there is no way of knowing the exact figures, the authors of Secret Crush are likely to be getting a few pence for every download, which multiplied by a million or two clicks soon adds up.
Fortinet CMO Richard Stiennon included “malicious Facebook widgets” in his list of security threat predictions for 2008, and it looks like he was right on the money. There seems to be no mechanism in place at Facebook to protect users from this kind of malicious application. Hackers could implement a similar scheme but replacing the Zango IFrame with a drive-by install engine instead.
“Keep in mind that, given the odds, people are likely developing Facebook “Platform Applications” for profit rather than just for fun. Now, this does not mean that all widgets are going to be malicious. As in every business frame, honest ways to generate profits surely exist on Facebook, in exchange for providing a service to users who subscribe to it. However, users must be aware of this, and resort to a blend of common sense and protection gear to avoid being scammed and abused” advises Fortinet EMEA Threat Response Team Manager Guillaume Lovet.
Rated: 100% (1 votes)
Loading ...Make a comment
Tag cloud
Archives
- November 2008
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- August 2006
Most commented posts
- Cuil frozen out: market share drops to next to nothing
20 comments
- Windows XP: the invincible OS
- Gatecrashing the WiFi hotspot party
- The 24 year old software that is still going strong
- Home workers are sick
- Big Brother Apple
- Spear phishing Catch 22 for Salesforce.com
- Dumbest phisher in history revealed
- Is BT misleading consumers with Option 2 broadband?
- Why ecommerce fails
Highest Rated Blog Posts
- Why ecommerce fails (100%)
- Betting on Hubdub technology (100%)
- Chinese whispers as government implicated in UK hack attacks (100%)
- Crimeware toolkit targets 10,000 trusted sites (100%)
- Black Hat risk to migrating VMs (100%)
- Tough on cyber crime, tough on the causes of cyber crime (100%)
- Firefox 3, Beta 4, Enhancements 900, Tested 5 (100%)
- Slowly slowly catchee Government IT monkey (100%)
- Who needs another set of web standards? (100%)
- The 6.5 billion quid hello (100%)