Clickjacking Worm Exploits Facebook "Like" Feature

Clickjacking Worm Exploits Facebook "Like" Feature 124

Posted by StoneLion on Monday May 31, 2010 @11:17AM from the it's-no-robert-morris dept.

An anonymous reader writes "For the last 24 hours, a series of attacks have exploited Facebook's 'Like' feature through a clickjacking vulnerability. Using subjects such as 'This Girl Has An Interesting Way Of Eating A Banana, Check It Out!' hackers have spread an attack that links to web pages that use invisible iFrames to trick users into saying they like the content. Users are presented with a innocent-seeming web page that says 'Click here to continue,' but clicking at any point on the page publishes the same message to their own Facebook page. Security blogger Graham Cluley says that hundreds of thousands of Facebook users have been hit, and offers advice on how to clean up affected Facebook profiles.

Clickjacking Worm Exploits Facebook "Like" Feature

This discussion has been archived. No new comments can be posted.

Search 124 Comments Log In/Create an Account

Comments Filter:

Re:NoScript (Score:4, Interesting)

by Anonymous Coward writes: on Monday May 31, 2010 @11:53AM (#32407682)

Here's the line from my unbound.conf that solves all Facebook related problems for me:
local-zone: "facebook.com." static
followed by no local-data lines.
I see "address not found" error messages on lots of web pages: Facebook iframes are freaking everywhere. No more.

Re:StoneLion (Score:4, Interesting)

by tomhudson ( 43916 ) writes: <barbara.hudson@b ... m ['son' in gap]> on Monday May 31, 2010 @11:59AM (#32407724) Journal

If you click on his name, it shows he's one of those social media guys. "Slight" would be an understatement, and understandably - it's his job.
Plus, Facebook is in the news for its' privacy screw-ups. They have less than 3 months left in their deal with the Canadian government to bring their site into compliance with Canadian law (which is what got the whole "Facebook has a privacy problem" thing going 9 months ago, and got other governments to then launch similar probes).

Re:Interesting, but... (Score:2, Interesting)

by twidarkling ( 1537077 ) writes: on Monday May 31, 2010 @12:17PM (#32407900)

I figured it was probably malicious, but it was from a friend who's usually on the up-and-up, so I jacked up my security temporarily, and clicked. When I got the big white page with "click to continue," yeah, that's confirmation. Not a single one of those is in any way legit. Ever.

Re:NoScript (Score:3, Interesting)

by snl2587 ( 1177409 ) writes: on Monday May 31, 2010 @12:33PM (#32408074)

Reason #1 why I refuse to switch to Chrome.

Re:Advice (Score:4, Interesting)

by Khyber ( 864651 ) writes: <techkitsune@gmail.com> on Monday May 31, 2010 @12:38PM (#32408122) Homepage Journal

"P.S: Do we have to remind people that this shit work only on M$ platform?"
iFrame malware isn't *JUST* a Windows issue. Think harder next time.

Re:Link? (Score:3, Interesting)

by alvinrod ( 889928 ) writes: on Monday May 31, 2010 @12:38PM (#32408124)

You fool, there is no girl eating a banana. It was all a ruse, a nasty trick designed to play on your insatiable curiosity for the bizarre!

I know because I tried clicking on it :(

Reminds me of this bash.org quote. [bash.org]

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Clickjacking Worm Exploits Facebook "Like" Feature 124

Clickjacking Worm Exploits Facebook "Like" Feature More Login

Clickjacking Worm Exploits Facebook "Like" Feature

Re:NoScript (Score:4, Interesting)

Re:StoneLion (Score:4, Interesting)

Re:Interesting, but... (Score:2, Interesting)

Re:NoScript (Score:3, Interesting)

Re:Advice (Score:4, Interesting)

Re:Link? (Score:3, Interesting)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot