Facebook Users Are Still Abused By Rogue Apps
Scoundrels have created another rogue Facebook application, the second to hit the social networking site in less than a week. In the second attack, Facebook users receive notices that they have supposedly being reported for violation of the social networking site’s terms of service by someone in their friends list. A link on the notification leads to an application called “f a c e b o o k – – closing down!!!” which, post installation, spams all the affected user’s friends with the same message.
Last weekend a similar application called Error Check System, which posed as notification of errors in a Facebook user’s profile, used almost identical tricks to spread itself across Facebook.
Searches for the phrase “Error Check System” via Google and the like returned numerous results linking to sites punting rogue antivirus (aka scareware) packages. Security watchers use this factor to support the theory that black-hat search engine optimisation may have been the real motive behind the attack.
The rationale behind the latest (eerily similar) scam is unclear, with some attempt to harvest personal information or building up a database for subsequent spamming among the possibilities. The attack kicked off on Thursday, but has already spawned a Facebook group for victims.
Security watchers urge Facebook to become more active in vetting applications. “These two events in just a single week mean that it’s about time that Facebook reviews its application hosting policy,” said Rik Ferguson, senior security advisor at Trend Micro. “Prevention of rogue applications with extremely dubious intent to propagate freely within the site is needed.”
Credit: The Register
More on CyberInsecure:
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.