Facebook “Clickjack” Attack Halted: Infected Site Offline, Not The First Attack
Posted on May 29, 2010 | Comments 0
Over 400 million people are using Facebook, according to their terms of service. Many of those people are accessing it through using work computers during the daytime as well as on their laptops and cell phones or at home, too.
The problem is, if you happened to click on a link asking you to, “try not to laugh xD,” you have been affected. Most likely, you now have that same link everywhere on your page and all your friends can click on it as well, which is how this worm spreads.
The Problem
The site to which the link following the phrase was apparently directing Facebookers to was infected with malware. The home page of the malicious website did, in fact, contain the words, “My Facebook,” and had the outline of a blank profile; however, the website has been taken down in light of a phone call from F-Secure to the site’s owner.
Malicious Prevalence
Malware attacks focused on Facebook are not uncommon.
In fact, clickjacking, the action of spreading malware by clicking on infected links, is one of the most popular ways to spread an infection, especially those that can do the most damage to a computer. Luckily, this one did no damage, except to post a message without the user’s permission to their Facebook page.
Many hackers will attempt to embed a YouTube video into a link, to entice users to click it. However, if they do, the link will direct the users to an unintended destination site which is infected with malware. Sometimes, the link itself is the malware.
Detecting a Problem
If you find you have clicked on a link that is infected and you have anti-virus software installed, you will know it almost immediately. However, if you do not, the first symptoms include redirection to websites you had no intention of visiting.
In addition, your browser might freeze, not allowing you to close the page the link sent you to. As a best practice, always keep your anti-virus software up to date and run a daily scan to ward off potential problems.
Source: mashable
Posted in: SAFE COMPUTING
