Malicious Facebook App spreads via Users Actions

A new type of threat that is plaguing the netizens is through the social networking site- Facebook. But here's a twist - this threat the victims bring upon themselves. Here are two ways in which it spreads :
  • It may start with a benign looking new app alert in your Facebook. When you accept this app, it asks for extended access to the user account to post messages. Most users are so much carried away by the title of that app (see a sample list below) that they do give it extended permissions. It then passes on to your friends in the contacts list. 
  • It may appear as a posting from your friend talking about this exciting app. When you click on it it will take you to a Facebook page that contains a code snippet. The instructions on the page asks you to copy the code snippet and paste it in your browser address bar and press enter. When you do that, you just exposed yourself to the threat of identity theft.

Nobody knows for sure what is the final objective of this app but we are seeing its propagation and spread.

Here's a list Facebook app names compiled by websense security:

  • Who Block me?
  • Who is in your mind?
  • Who Always Look into My Profile??
  • Who Always stalks Your Profile?
  • Who has checked your profile?
  • Who Always Appear Offline??
  • Who stalks your profile?
  • Who has seen my profile
  • Who is peeping your profile?
  • Baby nanny
  • Who Always Look into My Album??
  • Who loves you?
  • Who has Viewed Your profile?
  • Who had read my profile?
  • Who often check my album?
  • Whos viewing my profile
  • Who always Block me?
  • Who is reading your information?
  • Who love you?
The ones in the bold face above are the most effective curiosity drivers.

Facebook Security team has already been notified but there are just too many pages it has already created.

A word of advice from ManageMag :
When not sure about an app, do not give permissions to it. It's always a good idea to run one Google search with the app name before granting it full access to your profile info. ( Look for the words "Malicious", "Spam", "Scam" and so forth.)
Take care.. and spread the word. If you come across any other Malicious app names, do write in comments.

COMMENTS

BLOGGER: 1

Name

Code,1,Free Stuff,2,History,1,Management & Leadership,2,Security,2,
ltr
item
ManageMag: Malicious Facebook App spreads via Users Actions
Malicious Facebook App spreads via Users Actions
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgAKyhpK0WCkjZyY6mABdtV1GW0Lyc74q1yLVOO26S9KTOyD9tBXRP_U0j84whjZ-m8AGylz1hEdONleKWfsfn-9C9ehf1FFOBZ_OSw1_IudGngDJC3lQX0eUUrEg9HZ5LQOwbdXvry7Jk/s1600/facebook_malware.png
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgAKyhpK0WCkjZyY6mABdtV1GW0Lyc74q1yLVOO26S9KTOyD9tBXRP_U0j84whjZ-m8AGylz1hEdONleKWfsfn-9C9ehf1FFOBZ_OSw1_IudGngDJC3lQX0eUUrEg9HZ5LQOwbdXvry7Jk/s72-c/facebook_malware.png
ManageMag
http://www.managemag.com/2011/04/malicious-facebook-app-spreads-via.html
http://www.managemag.com/
http://www.managemag.com/
http://www.managemag.com/2011/04/malicious-facebook-app-spreads-via.html
false
3228987248158602567
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share to a social network STEP 2: Click the link on your social network Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy