‘Clickjacking’ epidemic spreads across Facebook
June 4th, 2010 - 5:36 pm ICT by ANI
Washington, June 4 (ANI): Facebook seems to be facing an online epidemic - hundreds of thousands of Facebook users are falling in the “clickjacking” trap, according to web security labs.
Users are tricked into clicking links such as “World Cup 2010 in HD” or “Justin Bieber’s phone number” that their friends appear to have “liked”.
Once clicked, the site is recommended on Facebook too, and could pose danger of potential malware, even though currently there’s no such content on these sites. It also works across all computer operating systems.
The link generally takes the user through to a page containing an instruction, such as asking them to click a button to confirm that they are over 18.
However, wherever they click on the page it adds a link to their own Facebook profile saying they have also “liked” the site.
‘Clickjacking’ for now, is harmless, and does not actively result in any malware or phishing attacks, said Graham Cluley, senior technology consultant at Sophos.
“At the moment the attacks which we’ve seen are more like old-school viruses - written for the heck of it to see how many fans they can get.
“But our feeling is that it would be fairly easy for the bad guys to introduce some revenue generation for themselves,” BBC News quoted him as saying.
A free plug-in called NoScript, built for the Firefox web browser, includes pop-up warnings about potential clickjacks, but will also query clicks on Flash videos, commonly used on many websites - and it is not easy to install, said Mr Cluley.
“You have to be a little bit nerdy to configure it.” (ANI)
- Beware Of Facebook Worm, Thousands Infected - Jun 05, 2010
- Cyber criminals to target social networks, mobile devices: Security Report - Apr 06, 2011
- New Facebook Worm Affects Millions Of Users - Jun 05, 2010
- Warning for Facebook users: 'Sexiest video' message contains malware - May 19, 2010
- BLADE software eliminates threats of 'drive-by downloads' from Internet - Oct 07, 2010
- Lady Gaga's free iPad contest is a hoax - Dec 22, 2011
- Be Wary Of Rogue App In Facebook! - Jul 07, 2010
- New browser combines web search with Facebook - Nov 09, 2010
- JavaScript can allow anyone to access your web-surfing history - Dec 04, 2010
- Facebook Clickjacking Worm May Hurt Your Wallet, Warns Sophos - Aug 19, 2010
- Twitter hack sends users to hardcore porn sites - Sep 22, 2010
- 'See who viewed your profile' is latest Facebook scam - Nov 30, 2010
- 8 in 10 web browsers vulnerable to hackers, criminals - Feb 19, 2011
- Google 3D medical browser maps human body - Dec 17, 2010
- 'Hacker' application on Facebook stealing users' personal info - Aug 18, 2010
Tags: bad guys, bbc, computer operating systems, epidemic, facebook, firefox web browser, heck, hundreds of thousands, justin bieber, malware, noscript, old school, phishing attacks, revenue generation, security labs, senior technology, sophos, technology consultant, web security, world cup 2010