Facebook Virus!: Warning

A new Facebook clickjacking attack is making the rounds, and this one is as sly as they come. The attack spreads through a malicious website, http://fb.59.to, leading users to thisYouTube video.

The method used to spread the link is particularly interesting. A Facebook users sees a post on a friend’s wall, with a thumbnail and the caption “New Pix”. Clicking on this link will lead you to the aforementioned video, but it will also spread by posting the same link on your own wall, seemingly without your intervention.

The trick is in the fake turing test, seemingly set up to determine if the user is human. After you click on the link on Facebook, you’re asked to find the blue button amongst a number of multicolored buttons. This button is actually the Facebook share button; by clicking on it, you’re actually willingly sharing the link on Facebook, but the entire Facebook page is concealed with the use of two IFRAME elements (for a detailed explanation of how the attack works, see here).

Needless to say, this type of attack can easily trick the user into opening something far more dangerous than a YouTube video. You should, as always, be very careful when clicking on any suspicious links on Facebook. This attack currently works only in Firefox and Chrome, but we wouldn’t be surprised to see “fixed” and more dangerous versions of it soon.

(Remember, Facebook might be very secure, but some people might sit at their computers for days, and days, and days just to develop this one virus. So this is a warning, and don’t take foolishly)






Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s