In association with heise online

04 January 2008, 13:57

Facebook widgets try to install spyware

The Fortinet security team is warning about spyware that spreads through the Facebook social networking site. According to the advisory, the spyware uses the Facebook widget feature, which allows users to integrate their own programs into the pages of the web portal. When attacked, a user is informed that "Someone has a Secret Crush on you". To find out who this person is, the user is then instructed to install the "Secret Crush" widget. However, in order to proceed, the user has to invite an additional five contacts to install the widget.

The widget itself contains an IFrame which links to the Zango adware/spyware. Upon installation, Zango injects advertisements and other content. Although the user still has to install the software, Fortinet believes that the sender of these "Secret Crush" invitations exploits the carefree nature of Facebook users. Those who are prepared to publish personal information also don't hesitate to install widgets and click on various links. In principle, widgets could be exploited to serve users IFrames that point to pages which infect systems through browser vulnerabilities, similar to the exploits which used the MPack web attack toolkit last year. Facebook has been informed about the problem.

Only recently, a JavaScript worm spread through the Orkut social networking site. According to security specialists, such contact sites have enormous potential for the criminal distribution of malware or the acquisition of personal information for more targeted attacks. Facebook alone has about 50 million users.
