Home Code Snippets Oracle Reference Oracle Functions Oracle Error Codes Forum Oracle Jobs Oracle Blogs

Another Exploit Just For Facebook

It seems like Facebook is the hacking community's wet dream, the sunny playland that's always packed with childlike users who are easily convinced to hand over the keys to their privacy and security.

For about the last day or so a series of attacks have exploited Facebook's 'Like' feature through a simple clickjacking exploit. Using enticing subjects such as "This Girl Has An Interesting Way Of Eating A Banana!" or "The Prom Dress That Got This Girl Suspended From School", hackers have suckered Facebook users into participating in an attack that use web pages that make use of hidden iFrames whose goal is to trick users into saying they 'like' the content.

Users are taken to web page that's blank, except for the words 'Click here to continue'. Clicking anywhere on the page publishes the a message to their own Facebook page. Security blogger Graham Cluley says that hundreds of thousands of Facebook users have been hit, and my guess is that Graham's estimates are probably on the conservative side.

The pages are infected by Troj/Iframe-ET, according to Sophos. If you're foolish enough to still be using Facebook  you should probably join the Sophos page on Facebook  so you can be kept informed of the latest security threats. I mean, if you're going to play with fire you might as well wear gloves, right?

This entry was posted in Uncategorized and tagged , , . Bookmark the permalink. Follow any comments here with the RSS feed for this post. Post a comment or leave a trackback: Trackback URL.

Post a Comment

Your email is never published nor shared. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Spam Protection by WP-SpamFree