20110428

Malicious Facebook App Spreads via Users' Actions

A new type of threat is plaguing netizens through the social networking site Facebook. But here's a twist: the victims bring this threat upon themselves. Here are two ways in which it spreads:
  • It may start with a benign-looking new app alert in your Facebook account. When you accept this app, it asks for extended access to the user account to post messages. Most users are so carried away by the title of the app (see a sample list below) that they give it extended permissions. It then passes on to the friends in your contacts list.
  • It may appear as a posting from your friend talking about this exciting app. When you click on it, it takes you to a Facebook page that contains a code snippet. The instructions on the page ask you to copy the code snippet, paste it into your browser address bar and press Enter. When you do that, you have just exposed yourself to the threat of identity theft.
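
The second route depends on the browser running whatever is pasted into the address bar. The check below is an added example, not code from the original post or from Websense: it assumes the "code snippet" is a script-scheme URI such as javascript:, and the function names and sample inputs are constructed for illustration.

```javascript
// Added example: decide whether pasted address-bar text would run as script.
// Assumption: the lure's snippet uses a script-capable scheme (javascript:,
// vbscript:, or data: carrying HTML); the post itself does not show the snippet.
const SCRIPT_SCHEMES = new Set(["javascript", "vbscript", "data"]);

// URL parsers ignore leading/trailing control characters and spaces and drop
// tab/CR/LF anywhere in the input, so normalise the same way before checking.
function normalise(text) {
  return String(text)
    .replace(/^[\u0000-\u0020]+|[\u0000-\u0020]+$/g, "")
    .replace(/[\t\r\n]/g, "");
}

function classifyAddressBarInput(text) {
  const cleaned = normalise(text);
  const m = /^([a-z][a-z0-9+.-]*):/i.exec(cleaned);
  if (!m) return { verdict: "search-or-host", scheme: null };

  const rest = cleaned.slice(m[0].length);
  // "localhost:8080/x" is host:port, not a URI scheme.
  if (/^\d+(\/|$)/.test(rest)) return { verdict: "search-or-host", scheme: null };

  const scheme = m[1].toLowerCase();
  if (SCRIPT_SCHEMES.has(scheme)) {
    return { verdict: "block", scheme, payloadLength: rest.length };
  }
  if (scheme === "http" || scheme === "https") return { verdict: "navigate", scheme };
  return { verdict: "review", scheme };
}

// Constructed sample inputs (benign payloads only).
const SAMPLES = [
  "javascript:void(0)",
  "  JaVa\tScRiPt:alert(1)", // mixed case plus an embedded tab
  "https://www.facebook.com/settings",
  "who viewed my profile",
  "localhost:8080/test",
];

function triage(samples) {
  return samples.map((s) => classifyAddressBarInput(s).verdict);
}

console.log(triage(SAMPLES));
```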

Nobody knows for sure what the final objective of this app is, but we are seeing it propagate and spread.

Here's a list of Facebook app names compiled by Websense Security:

  • Who Block me?
  • Who is in your mind?
  • Who Always Look into My Profile??
  • Who Always stalks Your Profile?
  • Who has checked your profile?
  • Who Always Appear Offline??
  • Who stalks your profile?
  • Who has seen my profile
  • Who is peeping your profile?
  • Baby nanny
  • Who Always Look into My Album??
  • Who loves you?
  • Who has Viewed Your profile?
  • Who had read my profile?
  • Who often check my album?
  • Whos viewing my profile
  • Who always Block me?
  • Who is reading your information?
  • Who love you?
The ones in bold face above are the most effective curiosity drivers.

The Facebook Security team has already been notified, but there are just too many pages that it has already created.

A word of advice from ManageMag:
When you are not sure about an app, do not give it permissions. It's always a good idea to run a Google search on the app name before granting it full access to your profile info. (Look for the words "Malicious", "Spam", "Scam" and so forth.)
Take care, and spread the word. If you come across any other malicious app names, do write in the comments.
