Malicious Facebook Application Might Create A Powerful DoS Botnet
Researchers at the Institute of Computer Science (ICS) have built a malicious Facebook application as an experiment to demonstrate the possible dangers of social networking applications. The proof-of-concept Facebook application can covertly herd users of the popular social network into a powerful botnet that might be malicious.
The demo application, called Photo of the Day, delivers a different daily image from National Geographic but behind the scenes, special code embedded into the application creates a botnet of Facebook users launching denial-of-service attacks.
The research group provided technical details of the application they called Facebot. They have placed special code in the application’s source code, so that every time a user views the photo, HTTP requests are generated towards a victim host. More precisely, the application embeds four hidden frames with inline images hosted at the victim. Each time the user clicks inside the application, the inline images are fetched from the victim, causing the victim to serve a request of 600 KBytes, but the user is not aware of that fact (the images are never displayed).
While the proof-of-concept app was used to demo a denial-of-service attack scenario, the group issued a terse warning, since it is possible to use more sophisticated techniques and create a JavaScript snippet, which continuously requests documents from a victim host overtime. In this way the attack may be significantly amplified. The group also warned that the victim of a FaceBot attack may be subject to an attack that will cause it to serve data of the magnitude of GigaBytes per day.
Although the researchers made no effort to advertise/distribute its Facebook application, it attracted more than 1,000 users in the first few days. With a bit of spam and viral manipulation, the app can be distributed all over Facebook and gain tens of thousands of users who might unknowingly do some serious damage.
More on CyberInsecure:
September 6th, 2008 at 7:35 am
The above application is still listed in the facebook directory …
Its link is http://www.new.facebook.com/apps/application.php?id=8752912084
Indeed it displays a photo from NG