Davey Winder's Blog

One million Facebook users exposed to Zango worm

By Davey Winder in Editorial

Posted in Blog, Spyware, Facebook, Security, Internet on January 3, 2008 at 11:12 pm

Given the popularity of Facebook applications, those annoying widgets which people in your network naturally assume you will be interested in (even though most are banal even by widget standards), it was only a matter of time before the trend was exploited by those with a less than social motive. And so it is that security threat researchers at Fortinet have uncovered a malicious widget which has already found its way onto the computers of 3% of Facebook users - or a million people, if you prefer.

The Secret Crush application spreads by Facebook users getting a notification from someone in their network who has already installed the widget, informing them that one of their friends has the hots for them. The wording suggests that it might be the friend who sent the invitation, but the only way to find out is to install the application itself. At this point the plot thickens: using an escalation of commitment strategy, the Secret Crush widget, once installed, will only reveal the identity of your secret admirer after you have invited another 5 of your friends to install it. According to Fortinet, even after inviting those 5 friends there is no revelation other than an invitation to download a ‘crush calculator’.

Fortinet has examined the page source of the advertising frame that is displayed and discovered it is hosted at zango.com, within the affiliates section. Downloading the application actually leads directly to a copy of Zango, the infamous adware/spyware that used to be known as 180Solutions. Download this and, rather than a secret crush, you will find yourself being courted by adverts.

Although there is no way of knowing the exact figures, the authors of Secret Crush are likely to be getting a few pence for every download, which multiplied by a million or two clicks soon adds up.

Fortinet CMO Richard Stiennon included “malicious Facebook widgets” in his list of security threat predictions for 2008, and it looks like he was right on the money. There seems to be no mechanism in place at Facebook to protect users from this kind of malicious application. Hackers could implement a similar scheme, replacing the Zango IFrame with a drive-by install engine instead.

“Keep in mind that, given the odds, people are likely developing Facebook “Platform Applications” for profit rather than just for fun. Now, this does not mean that all widgets are going to be malicious. As in every business frame, honest ways to generate profits surely exist on Facebook, in exchange for providing a service to users who subscribe to it. However, users must be aware of this, and resort to a blend of common sense and protection gear to avoid being scammed and abused,” advises Fortinet EMEA Threat Response Team Manager Guillaume Lovet.
