Beware when clicking the ‘Like’ button on Facebook. A new clickjacking worm is now spreading across Facebook through its ‘Like’ feature.
The worm activates when a user clicks on a link presented with an innocent-looking web page in the form of a Facebook Like button. Clicking it immediately redirects the user to a new window with text that reads “Click here to continue”, but clicking at any point on that page publishes the message to the user's own Facebook page.
The attack, which is said to have hit hundreds of thousands of users, uses a combination of social engineering and a clickjacking exploit that makes it appear as if a user has “Liked” the link.
The hackers' links use invisible iframes to trick users into saying they have liked the content.
Messages used in the link text include: (1) “LOL this girl gets OWNED after a POLICE OFFICER reads her STATUS MESSAGE”, (2) “This man takes a picture of himself EVERYDAY for 8 YEARS!!”, (3) “The Prom Dress That Got This Girl Suspended From School”, and (4) “This Girl Has An Interesting Way of Eating A Banana, Check It Out”!
The worm's signature is extremely similar to that of the FBhole worm that spread across Facebook ten days ago.
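The invisible iframes described above can be spotted when reviewing a suspicious page's markup. The following is an added example, not code from the original article: a heuristic that flags iframes hidden through an inline `opacity` style. The sample page, the `social.example` and `video.example` hosts, and the 0.1 threshold are constructed assumptions.

```python
import re
from html.parser import HTMLParser

# Matches the CSS "opacity" property in an inline style, not "fill-opacity" etc.
OPACITY = re.compile(r"(?:^|;)\s*opacity\s*:\s*([0-9]*\.?[0-9]+)", re.I)
THRESHOLD = 0.1  # assumption: frames at or below this opacity count as invisible


class HiddenFrameFinder(HTMLParser):
    """Collects (src, opacity) for iframes whose inline style hides them."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        attr = dict(attrs)
        match = OPACITY.search(attr.get("style") or "")
        if match and float(match.group(1)) <= THRESHOLD:
            self.findings.append((attr.get("src") or "", float(match.group(1))))


def find_hidden_frames(html):
    finder = HiddenFrameFinder()
    finder.feed(html)
    finder.close()
    return finder.findings


# Constructed sample page; social.example and its paths are placeholders.
SAMPLE_PAGE = """
<html><body>
  <h1>Click here to continue</h1>
  <iframe src="https://social.example/like-widget"
          style="position:absolute; top:0; left:0; opacity: 0"></iframe>
  <iframe src="https://social.example/comments" style="opacity:1"></iframe>
  <iframe src="https://video.example/embed"></iframe>
</body></html>
"""

if __name__ == "__main__":
    for src, opacity in find_hidden_frames(SAMPLE_PAGE):
        print(f"invisible iframe (opacity {opacity}): {src}")
```

The check only reads inline styles, so a frame hidden through a stylesheet class or script would need a rendered-DOM inspection instead.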