WARNING: Facebook Clickjacking Attack Spreading Through News Feed
Posted: 21 May 2010 05:28 AM PDT
A new malware attack is spreading via Facebook's news feed, according to reports from users on Twitter.
The attack consists of a message starting with the phrase "try not to laugh xD," followed by this link: "http://www.fbhole.com/omg/allow.php?s=a&r=72306″ (don't open it).
The attack, which seems to repost the message without your permission, uses the oldest trick in the book. Once you click on the link, you'll see Facebook greyed out and a weird dialog that looks like a Windows error message, containing the phrase "If I don't, someone else do it". If you click anywhere on the page, you'll repost the link because your click will land on a moving iframe with very low opacity. By clicking on it, you're actually clicking the "publish" button on Facebook.
Interestingly enough, the root index file of the site in question (www.fbhole.com) contains only the phrase "My Facebook" that links to a nonexistent Facebook profile.
We've seen similar Facebook attacks before, and although they may be harmless, clicking on suspicious links is always dangerous. If you've seen this (or similar) attack on Facebook, please let us know in the comments.
# Social Media Web Consultant #
@ Construction Project Manager @
* Visual-Photo Renedering-6 Degrees.png *
678.488.7214
Atlanta, GA 30168
Office Located near Six Flags
No comments:
Post a Comment