Security firm Sophos has identified a widespread clickjacking attack that hit hundreds of thousands of users on the popular networking site over the holiday weekend.
Affected profiles can be identified by having apparently ‘liked’ links with titles including:
‘LOL This girl gets OWNED after a POLICE OFFICER reads her STATUS MESSAGE.’
‘This man takes a picture of himself EVERYDAY for 8 YEARS!!’
‘This Girl Has An Interesting Way Of Eating A Banana, Check It Out!’
Clicking on one of the links takes the Facebook user to a page containing a single line of text: ‘Click here to continue’. A click anywhere on that page publishes the same message (via an invisible iFrame) to the user’s own Facebook page, helping the worm to spread further.
Graham Cluley, senior technology consultant at Sophos, said: “What the hackers have done is really sneaky. They hide an invisible button – using a hidden iFrame – under your mouse, so wherever you click your mouse-press is hijacked, secretly clicking on a button which tells Facebook that you ‘like’ the webpage.
“This then gets published on your own Facebook page, and shared with your online friends, resulting in the link spreading virally.
“Some of the pages ended up with hundreds of thousands of fans as a result. Facebook needs to tighten up the way it handles the ‘liking’ of external webpages before it is more widely abused by malicious hackers and spammers.”
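The attack Cluley describes works because the victim’s browser is allowed to load the target page inside a hidden, cross-origin iframe. The defence a site can deploy against that is to tell browsers which origins may frame it, through the X-Frame-Options header or the Content-Security-Policy frame-ancestors directive. The script below is an added example (not from the article, and not Sophos’ or Facebook’s code) that audits a set of HTTP response headers for those protections; the sample header sets are constructed.

```python
"""Audit HTTP response headers for clickjacking (UI redress) protection.

Added example, not from the article. It checks the two standard defences
that stop a page being loaded in a hidden cross-origin iframe:

  * the X-Frame-Options header (DENY / SAMEORIGIN), and
  * the Content-Security-Policy frame-ancestors directive.

When both are present, browsers that understand frame-ancestors give it
precedence, so the audit does the same.
"""
from dataclasses import dataclass


@dataclass
class FramingVerdict:
    protected: bool   # True if a cross-origin site cannot frame the page
    reason: str       # human-readable explanation of the verdict


def _parse_csp_frame_ancestors(csp: str):
    """Return the frame-ancestors source list, or None if the directive is absent."""
    for directive in csp.split(";"):
        parts = directive.strip().split()
        if parts and parts[0].lower() == "frame-ancestors":
            # Sources such as 'self' and 'none' are quoted in CSP; strip the quotes.
            return [p.strip("'\"").lower() for p in parts[1:]]
    return None


def assess_framing_protection(headers: dict) -> FramingVerdict:
    """Decide whether the response's headers prevent cross-origin framing."""
    # Header names are case-insensitive, so normalise them first.
    lowered = {name.lower(): value for name, value in headers.items()}

    csp = lowered.get("content-security-policy")
    if csp is not None:
        ancestors = _parse_csp_frame_ancestors(csp)
        if ancestors is not None:
            # A wildcard or a bare scheme lets any site on that scheme frame the page.
            if "*" in ancestors or any(a in ("http:", "https:") for a in ancestors):
                return FramingVerdict(False, "CSP frame-ancestors allows any origin")
            return FramingVerdict(True, "CSP frame-ancestors restricted to: " + " ".join(ancestors))

    xfo = lowered.get("x-frame-options")
    if xfo is not None:
        value = xfo.strip().upper()
        if value in ("DENY", "SAMEORIGIN"):
            return FramingVerdict(True, f"X-Frame-Options {value}")
        if value.startswith("ALLOW-FROM"):
            # ALLOW-FROM was never supported by Chrome and is ignored by current browsers.
            return FramingVerdict(False, "X-Frame-Options ALLOW-FROM is not honoured by modern browsers")
        return FramingVerdict(False, f"X-Frame-Options has unrecognised value {xfo!r}")

    return FramingVerdict(False, "no X-Frame-Options and no CSP frame-ancestors")


# Constructed sample responses, one per case the audit distinguishes.
SAMPLE_RESPONSES = {
    "unprotected":    {"Content-Type": "text/html"},
    "xfo_deny":       {"Content-Type": "text/html", "X-Frame-Options": "DENY"},
    "csp_self":       {"Content-Security-Policy": "default-src 'self'; frame-ancestors 'self'"},
    "csp_wildcard":   {"Content-Security-Policy": "frame-ancestors *"},
    "xfo_allow_from": {"X-Frame-Options": "ALLOW-FROM https://partner.example"},
}


def audit(responses: dict) -> dict:
    """Run the check over a mapping of label -> headers and return label -> verdict."""
    return {label: assess_framing_protection(hdrs) for label, hdrs in responses.items()}


if __name__ == "__main__":
    for label, verdict in audit(SAMPLE_RESPONSES).items():
        status = "OK      " if verdict.protected else "EXPOSED "
        print(f"{status} {label:<15} {verdict.reason}")
```

Note the caveat that matters for the Facebook case: these headers only help a page that is never meant to be framed. A widget such as a ‘like’ button is designed to be embedded in third-party pages, so it cannot deny framing outright, and its protection has to come from elsewhere (for example, a confirmation step before the action is recorded), which is the change Cluley is asking for.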
Meanwhile, other security companies are warning of internet-related scams that use the World Cup as a lure to catch people out.
Trend Micro sent out an alert about a scam designed to capitalise on the World Cup in South Africa by parting unsuspecting users from their cash.
The two 419-style scams asked recipients to get in touch with a fake contact, accompanied by a request to send in their contact details.
And it’s not just security companies who are highlighting problems. The Information Commissioner’s Office (ICO) also alerted users to a scam email pretending to come from the watchdog and claiming to have been sent by Information Commissioner Christopher Graham, who, the email also claims, works for the European Law Enforcement Agency.
Symantec and RSA Security have both released reports claiming that malware, as well as spam and phishing, rose throughout May. RSA said that phishing attacks rose three percent to over 18,000 attacks. UK users were hard hit, being the target of almost half of the scams.
Symantec reckoned there were 1,770 new sites with malware or adware during May, an increase of 5.6 percent on the previous month.