BleepingComputer.com: New Facebook Clickjacking Worm

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

New Facebook Clickjacking Worm Securitycadets

#1 User is offline   KarstenHansen 

  • The Dane
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Study Hall Senior
  • Posts: 1,079
  • Joined: 06-June 09
  • Gender:Male
  • Location:Denmark

Posted 18 August 2010 - 07:31 AM

Quote

New Facebook Clickjacking Worm
Graham blogged about a Facebook clickjacking worm back in May which we dubbed Likejacking — for a number of weeks the threat ran rampant throughout Facebook. Since then, it has calmed down quite a bit and we don't see much likejacking anymore. However, today we came across a new form of clickjacking where, instead of tricking the user into liking something, it tricks them into using the Facebook “Share” feature without requiring the user to acknowledge the fact that they're sharing it.

forum.securitycadets.com

Cheers
KarstenHansen

This post has been edited by KarstenHansen: 18 August 2010 - 01:20 PM

With High Regards,
KarstenHansen,

Enjoy EVERYDAY of your life to the fullest, it can be over so so quick. Removing Malware is just like a good game of CHESS.

#2 User is offline   buddy215 

  • Forum Addict
  • PipPipPipPipPipPip
  • Find Topics
  • Group: BC Advisor
  • Posts: 4,588
  • Joined: 14-April 06
  • Gender:Male
  • Location:West Tennessee

Posted 19 August 2010 - 06:31 AM

By Alison Diana
InformationWeek
August 18, 2010 11:18 AM http://www.informationweek.com/news/securi...ly_2010-08-19_h
.........Those using Firefox plug-in NoScript receive a warning, cautioning them that NoScript "intercepted a mouse or keyboard interaction with a partially hidden element." At this point, users have the option to keep the element locked, which is recommended, or disregarding NoScript's recommendation and opening up the link.

However, those Facebook account-holders not running NoScript or not paying attention will find their profile pages sharing content that links them to a malicious domain, said Komili.

"Clicking the link sends you to one of many fan pages all serving the exact same content. It seems a fan page is chosen at random," he said.

Anyone victimized by this scam should select "Remove" to clear the content from their profile and help prevent the further spreading of the social networking disease, said Komili. .................



Facebook Clickjacking Attack Spreading Through Share Button

"Funny T-Shirt Fails" scam costs victims a $5 weekly charge on their cell phone bill, finds Sophos.

By Alison Diana
InformationWeek
August 18, 2010 11:18 AM

Facebook users came under attack from a new clickjacking scam that could result in lost money as well as aggravation, spread by the social networking site's Share button.

#3 User is offline   KarstenHansen 

  • The Dane
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Study Hall Senior
  • Posts: 1,079
  • Joined: 06-June 09
  • Gender:Male
  • Location:Denmark

Posted 19 August 2010 - 07:06 AM

Quote

Graham blogged about a Facebook clickjacking worm back in May which we dubbed Likejacking for a number of weeks the threat ran rampant throughout Facebook. Since then, it has calmed down quite a bit and we dont see much likejacking anymore. However, today we came across a new form of clickjacking where, instead of tricking the user into liking something, it tricks them into using the Facebook Share feature without requiring the user to acknowledge the fact that theyre sharing it.

sophoslabs

Here is some more info with alot of pictures!

Enjoy
Karsten
With High Regards,
KarstenHansen,

Enjoy EVERYDAY of your life to the fullest, it can be over so so quick. Removing Malware is just like a good game of CHESS.

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users