Porn plus Facebook can lead to embarrassment, perhaps worse

Facebook and its infrastructure didn't seem to be at fault

The mechanism behind a clickjacking attack, spread by luring Facebook users with a link to a porn site, has the potential to do more damage than merely embarrassing those who fall for it.

When users clicked on a link posted to a friend's Facebook wall, their Firefox browsers were tricked into updating the victims' own Facebook settings so that the same link was posted on their own wall, a Facebook spokesman says.


Facebook has responded by blocking the URL associated with the porn site and is taking down the links on affected users' walls. "Overall, an extremely small percentage of users were affected," a Facebook spokesman said via e-mail. "As always, we’re asking people not to click on suspicious links, even if they've been sent or posted by friends." (see the Facebook security page.)

Duped users wind up with the photo on their wall of a woman wearing a thong. If they click on the photo, they are directed to a site where, if they click on a button marked "click this button," the Facebook worm does its work, says Roger Thompson, the chief security researcher at security software vendor AVG, who blogged about the problem and posted a demonstration of how it worked.

The exploit didn't work with Internet Explorer, Thompson says.

Embarrassment and possible chastisement seemed to be the downside of falling victim. "[The photo link] advertises to all your friends that you went there, so it could get you in trouble with your spouse, family member or your employer if you're doing it at work," Thompson says.

But the mechanism could just as easily be used to steal passwords cached in browsers or inject other worms into them, he says. "It seems an awfully good hack just to direct people to an adult Web site for very small gain," he says. "How do they profit from that?"

Facebook and its infrastructure didn't seem to be at fault, Thompson says. They were interacting with what seemed to be a legitimate user who had logged in properly.
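Because the server only ever sees requests from a properly logged-in browser, the usual defence against clickjacking is for the site to tell browsers it may not be embedded in a frame, using `X-Frame-Options` or the CSP `frame-ancestors` directive. The checker below is an added example, not code from Facebook, AVG or the article; the header dictionaries it evaluates are constructed for illustration, and the article does not say which framing technique this particular worm used.

```python
"""Classify a response's framing protection, the standard clickjacking defence.

Added example with constructed sample headers (not the article's or Facebook's code).
Assumes headers are given as a dict of header names to raw header values.
"""
from typing import Dict, List, Optional, Tuple


def csp_frame_ancestors(csp: str) -> Optional[List[str]]:
    """Return the source list of a CSP frame-ancestors directive, or None if absent."""
    for directive in csp.split(";"):
        parts = directive.strip().split()
        if parts and parts[0].lower() == "frame-ancestors":
            return [p.lower() for p in parts[1:]]
    return None


def framing_policy(headers: Dict[str, str]) -> Tuple[str, str]:
    """Return (verdict, reason); verdict is blocked, same-origin, restricted,
    ambiguous or frameable. CSP frame-ancestors, when present, overrides
    X-Frame-Options, which is how browsers that support both resolve them."""
    h = {name.lower(): value for name, value in headers.items()}
    csp = h.get("content-security-policy")
    if csp is not None:
        sources = csp_frame_ancestors(csp)
        if sources == ["'none'"]:
            return "blocked", "CSP frame-ancestors 'none'"
        if sources == ["'self'"]:
            return "same-origin", "CSP frame-ancestors 'self'"
        if sources:
            return "restricted", "CSP frame-ancestors " + " ".join(sources)
    xfo = h.get("x-frame-options")
    if xfo is None:
        return "frameable", "no X-Frame-Options or frame-ancestors header"
    values = {v.strip().upper() for v in xfo.split(",")}
    if len(values) > 1:
        # Browsers differ on conflicting values; treat as a misconfiguration to fix.
        return "ambiguous", "conflicting X-Frame-Options values: " + ", ".join(sorted(values))
    value = values.pop()
    if value == "DENY":
        return "blocked", "X-Frame-Options DENY"
    if value == "SAMEORIGIN":
        return "same-origin", "X-Frame-Options SAMEORIGIN"
    # ALLOW-FROM and other non-standard values are ignored by current browsers.
    return "frameable", f"unsupported X-Frame-Options value {value!r}"


if __name__ == "__main__":
    # Constructed samples: an unprotected page, a protected page and a misconfigured one.
    for sample in ({"Content-Type": "text/html"},
                   {"X-Frame-Options": "DENY"},
                   {"X-Frame-Options": "ALLOW-FROM https://example.invalid"}):
        print(sample, "->", framing_policy(sample))
```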

The Facebook spokesman says the site is hit by phishing and malware attacks daily and has automated systems that detect and flag Facebook accounts that are likely to be compromised. "We also delete malicious links and block them from being shared, and we work with third parties to get phishing and malware sites added to browser blacklists or taken down completely," he says.

Tags: security, clickjacking, social networking, Facebook


Tim Greene

Network World
