Friendly Computers warns you to be careful using Facebook apps. There are few out there that can steal your log in info and spam your friends. Read more below…
Source: http://news.cnet.com/8301-27080_3-10313618-245.htmlSecurity firm Trend Micro warned on Wednesday that a handful of rogue Facebook apps is stealing log in credentials and spamming the victim's friends.
So far, six malicious applications have been identified: "Stream," "Posts," "Your Photos," "Birthday Invitations," "Inbox (1)," "Inbox (2)" according to a blog post by Trend Micro researcher Rik Ferguson.
As of Wednesday afternoon, all of the apps were live except for "Stream," he said in an e-mail.
This screenshot shows evidence of the phishing scam on Facebook.
(Credit: Trend Micro)
The activity started earlier in the week with a Facebook notification Ferguson says he got from an app called "sex sex sex and more sex!!!," which has more than 287,000 fans. The notification said that someone had commented on one of his posts. That app doesn't appear to be malicious and may have been compromised somehow in order to begin the distribution of the spam, he said.
That first notification included hyperlinks that led to a phishing site on the "fucabook.com" domain, allegedly registered to someone in Armenia, he said. Once Ferguson gave up his credentials (for a Facebook account he uses for research purposes) he was directed to Facebook and to an application install screen for the app called "Posts."
He installed that app and immediately his friends were spammed with a bogus notification "Profile_name has sent you a message," with the hyperlink to the phishing site.
On Tuesday, the first couple of apps were sending notifications that hyperlinked to the fucabook phishing site but by Wednesday the destination had changed to a simple IP address rather than a domain name, he said. A JavaScript that pulls up Facebook bounces the browser around among any of the six rogue apps to get them widely installed and the cycle continues, he said.
All the apps look and act exactly the same and include ads.
"I am keeping Facebook informed of these developments as they arise and they are working hard to rectify the situation," Ferguson wrote on his blog.
A Facebook spokeswoman said the company was looking into the matter and provide more comment later.
Ferguson recommends that Internet users always check the URL displayed in the browser address bar before entering any sensitive information on a site and hover the mouse over a hyperlink to see the URL. Facebook users should also review their privacy settings regularly and delete any applications they no longer use, he said.
