Facebook Clickjacking Worm Persists - InformationWeek


The 'likejacking' attack spreads via status messages, yet Facebook's security page makes no mention of it.

Facebook users have been hit by a clickjacking attack that tricks people into “liking” a Facebook page; each hijacked “like” republishes the lure to the victim’s friends, which is what lets the attack spread.

“Hundreds of thousands of Facebook users have fallen for a social-engineering trick which allowed a clickjacking worm to spread quickly over Facebook this holiday weekend,” said Graham Cluley, senior technology consultant at Sophos, on the company’s blog.

This Facebook-specific form of clickjacking, nicknamed likejacking, lures users with spammed status messages such as "LOL this girl gets owned after a police officer reads her status message” and “the prom dress that got this girl suspended from school."

Click the link and the user lands on a seemingly blank page that says “click here to continue.” The page carries “an invisible iFrame,” said Cluley, so clicking anywhere on it actually republishes the attack content and link on the Facebook user’s status page, “in a similar fashion to the ‘Fbhole’ worm we saw earlier this month.” In other words, the framed content is a Facebook Like button, rendered transparent and placed under the cursor: the victim believes they are dismissing a blank page, while the browser delivers the click to the button inside the frame. Fbhole likewise spread via Facebook status messages.

For anyone affected by the attack, Richard Cohen, technical lead for malware research at SophosLabs Canada, said there’s a two-step fix. First, “remove the page from your ‘likes and interests’ section.” Next, “delete the page from your newsfeed -- it will probably be in the ‘Recent Activity’ section, but you may need to scroll down a bit to find it.”

This clickjacking attack follows a recent “Distracting Beach Babes” Facebook attack, which involved malware “posing as a video of young bikini-clad women on a beach,” said Cluley.

Clicking the video’s link led to a rogue Facebook application, going by such names as Avi Video, BluRay and Video Wave, which offered to install the software supposedly required to view the “Distracting Beach Babes” video.

Grant the application permission and it not only displays “a bogus message advising that you need to update your FLV player,” which leads to an adware download site, but also spreads itself by forwarding the video lure to everyone on the user’s Facebook contact list.

According to Sophos, there was a 70% rise in reported malware attacks via social networks from April to December 2009, with many organizations viewing Facebook as the riskiest of all social networking sites.

If Facebook is predicated on crowdsourcing news and opinions, could it be doing a better job of applying social networking to help spot and stop security outbreaks on its site? For example, Facebook security has yet to warn its users specifically about any of the above attacks by name or with any kind of description, referring only to “several malicious applications” that it recently disabled.

According to Cluley, “Facebook needs to work harder both at preventing these kinds of attacks from happening, and also better coordinating its response when an outbreak occurs.”
