Viral Clickjacking Worm Targets Facebook Users

Hundreds of thousands of Facebook users were lured over the Memorial Day weekend by a social-engineering scheme that allowed a clickjacking worm to spread quickly over the popular social networking site, according to Sophos.

The exploit works by presenting people with friend profiles that “Like” links with titles such as “LOL This girl gets OWNED after a POLICE OFFICER reads her STATUS MESSAGE” and “The Prom Dress That Got This Girl Suspended From School.” After clicking the link, users saw a screen with the words “Click here to continue.” Clicking that message, or anywhere else on the page, caused the users to add the link to their list of Likes. As long as those users were logged in, their profiles automatically recommended the link to new friends.

Sophos has detected the offending webpages as being infected by Troj/Iframe-ET, which is usually discovered in webpages that perform clickjacking,
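Clickjacking pages of this kind typically layer a transparent, positioned iframe over the visible "Click here to continue" prompt so the click lands on the framed widget. The following is an added example of a defender-side heuristic for spotting that pattern in page markup; it is not Sophos's detection logic, and the function names, the 0.1 opacity threshold and the sample page are all constructed assumptions.

```javascript
// Added example: flag iframes that are invisible yet still clickable.
// SAMPLE_PAGE is constructed for illustration; hosts are placeholders.
const SAMPLE_PAGE = `
<p>Click here to continue</p>
<iframe src="https://social.example/widget" style="opacity:0; position:absolute; top:0; left:0"></iframe>
<iframe src="https://video.example/embed" style="border:0; width:560px"></iframe>
<iframe src="https://ads.example/slot" style="display:none"></iframe>`;

// Parse an inline style attribute into a lowercase property map.
function parseStyle(style) {
  const props = {};
  for (const decl of style.split(';')) {
    const idx = decl.indexOf(':');
    if (idx === -1) continue;
    const name = decl.slice(0, idx).trim().toLowerCase();
    const value = decl.slice(idx + 1).replace(/!important/i, '').trim().toLowerCase();
    if (name) props[name] = value;
  }
  return props;
}

// Return one finding per iframe whose inline style hides it from view.
// display:none and visibility:hidden are ignored on purpose: such frames
// cannot receive clicks, so they are not a clickjacking overlay.
function findHiddenFrames(html) {
  const findings = [];
  const tagRe = /<iframe\b[^>]*>/gi;
  let m;
  while ((m = tagRe.exec(html)) !== null) {
    const tag = m[0];
    const src = (/\bsrc\s*=\s*["']([^"']*)["']/i.exec(tag) || [])[1] || '';
    const attr = /\bstyle\s*=\s*(?:"([^"]*)"|'([^']*)')/i.exec(tag) || [];
    const style = parseStyle(attr[1] || attr[2] || '');
    const reasons = [];
    const opacity = parseFloat(style.opacity);
    if (!Number.isNaN(opacity) && opacity <= 0.1) reasons.push('near-zero opacity');
    if (/alpha\(\s*opacity\s*=\s*0\s*\)/.test(style.filter || '')) reasons.push('legacy alpha filter');
    const positioned = style.position === 'absolute' || style.position === 'fixed';
    if (reasons.length && positioned) reasons.push('positioned overlay');
    if (reasons.length) findings.push({ src, reasons });
  }
  return findings;
}
```

The check only reads inline `style` attributes, so frames hidden through external stylesheets or script-set styles need a rendered-DOM inspection instead.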
