Facebook clickjacking worm

Internet security specialists have identified a new clickjacking attack that targets Facebook users. Luckily, the attack does not seem to cause any harm to the user or her computer.

The current threat is being spread through a page that looks like an error page. Unknown to the user, though, an invisible frame installs a worm whenever the page is clicked. Unlike some clickjacking attacks, clicking anywhere on the page seems to execute the attack, because the hidden button follows the cursor. In most previous attacks, the invisible buttons were hidden in specific locations, so the page had to steer users into clicking on the right spots.

Facebook and other social networking sites make it easy for clickjackers to spread their attacks. The current attack causes the user’s Facebook account to post the following message: ‘Try not to laugh xD http://www.fbhole. com/omg/allow.php?s=a &r=[random number]’.

When this message is posted to the user’s wall, all members who are connected to that person are encouraged to follow the link. The link, however, does not lead to a funny video as suggested by the post. Instead it leads to an error message with a hidden clickjack button.

So far this worm does not seem to have any negative effects. It simply replicates itself by posting the message on the infected person’s Facebook wall.

Other clickjacking attacks, however, have been known to steal private information and install dangerous viruses.
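The invisible frame described above only works if the framed site lets its pages be drawn inside a frame on another origin. The following is an added example, not code from the original post or from Facebook: a check a site owner can run over a response's headers to see whether a given parent origin may frame it. The function names and the `.example` origins are assumptions made for illustration, and only the direct parent frame is considered.

```javascript
// Added example (not from the article): may this response be drawn inside a
// frame hosted on parentOrigin? All origins and headers here are constructed.
function ancestorsOf(policy) {
  for (const directive of policy.split(';')) {
    const [name, ...sources] = directive.trim().split(/\s+/);
    if (name.toLowerCase() === 'frame-ancestors') return sources;
  }
  return null; // this policy carries no frame-ancestors directive
}

function sourceAllows(source, pageOrigin, parentOrigin) {
  const s = source.toLowerCase();
  if (s === "'none'") return false;
  if (s === "'self'") return parentOrigin === pageOrigin;
  // Wildcard hosts and bare schemes are not evaluated precisely: assume they
  // could match, so the audit flags the page instead of hiding a gap.
  if (s.includes('*') || s.endsWith(':')) return true;
  // Exact origin, or a host-only source compared without its scheme.
  return s === parentOrigin || s === parentOrigin.replace(/^[a-z][a-z0-9+.-]*:\/\//, '');
}

function isFramable(headers, pageOrigin, parentOrigin) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = String(v);
  const policies = (h['content-security-policy'] || '').split(',')
    .map(ancestorsOf).filter((a) => a !== null);
  if (policies.length > 0) {
    // When frame-ancestors is present it is enforced and X-Frame-Options is
    // ignored; every delivered policy must allow the embedding parent.
    return policies.every((srcs) =>
      srcs.some((s) => sourceAllows(s, pageOrigin, parentOrigin)));
  }
  const xfo = (h['x-frame-options'] || '').trim().toUpperCase();
  if (xfo === 'DENY') return false;
  if (xfo === 'SAMEORIGIN') return parentOrigin === pageOrigin;
  return true; // absent, or ALLOW-FROM / unknown values browsers do not honor
}

const site = 'https://social.example'; // constructed: the site being framed
const lure = 'https://lure.example';   // constructed: the fake error page
console.log(isFramable({}, site, lure));                              // true
console.log(isFramable({ 'X-Frame-Options': 'DENY' }, site, lure));   // false
console.log(isFramable(
  { 'Content-Security-Policy': "frame-ancestors 'self'" }, site, lure)); // false
```

A `true` result for a page that performs a state-changing action, such as posting to a wall, means a hidden-frame overlay like the one described above could be built on top of it.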
