Tuesday, June 01, 2010

Never Met a Facebook Page I Liked

If you like this Facebook page, as described in a recent post on Graham Cluley's Sophos blog, you're going to get hit by a clickjacking Trojan. The Likejacking exploit, as Network World and Richard Cohen at Sophos call it, attracts users with a suggestive message -- very similar to other social-engineering tricks -- and then redirects them to a page that downloads the Trojan, which replicates the suggestive messages to all the victim's friends.

According to Sophos, the Troj/IFrame Trojan just replicates virally through Facebook pages and doesn't appear to steal user credentials. It just forces users to "like" a Facebook page, as the social-networking site calls it, without their knowledge.

Interestingly, the blog post, which has technical details about the exploit, advises users to join the Sophos page on Facebook to get alerts about other security threats.

