|
IT Developments
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Rogue Facebook apps steal log-in data, send spam
- From: Brian Warkoczeski
- Date: Thu Aug 20 08:58:54 2009
Rogue Facebook apps steal log-in data, send spam
By Elinor Mills CNET News
news.zdnet.com
Aug 20, 2009
Security firm Trend Micro warned on Wednesday that a handful of rogue
Facebook apps are stealing login credentials and spamming victims' friends.
So far, six malicious applications have been identified: "Stream",
"Posts", "Your Photos", "Birthday Invitations", "Inbox (1)," "Inbox (2)"
according to a blog post by Trend Micro researcher Rik Ferguson.
As of Wednesday afternoon, all of the apps were live except for
"Stream", he said in an e-mail.
The activity started earlier in the week with a Facebook notification
Ferguson says he got from an app called "sex sex sex and more sex!!!",
which has more than 287,000 fans. The notification said that someone had
commented on one of his posts. That app doesn't appear to be malicious
and may have been compromised somehow to begin the distribution of the
spam, he said.
That first notification included hyperlinks that led to a phishing site
on the "fucabook.com" domain, allegedly registered to someone in
Armenia, he said. Once Ferguson gave up his credentials (for a Facebook
account he uses for research purposes) he was directed to Facebook and
to an application install screen for the app called "Posts".
For rest of article, see:
http://news.zdnet.com/2100-9595_22-333193.html
|
|
|
