Facebook users clickjacked by the 101 Hottest Women in the World

Filed Under: Celebrities, Clickjacking, Facebook, Malware, Social networks

Facebook users are being hit by yet another clickjacking worm attack that is exploiting the third-party "Like" button facility (dubbed "likejacking" by Sophos).

Many Facebook users' profiles have been updated by the clickjacking attack to say that the user likes a webpage called

:|:| 101 Hottest Women in the World :D :|:|

Facebook user liking 101 Hottest Women in the World

If you are curious as to what your online friend "likes" and click on the link, you are taken to a webpage containing an image of Hollywood actress Jessica Alba.

101 Hottest Women in the World

Sophos detects the page as Troj/Iframe-ET.

Clicking anywhere on the page will - if you are logged into Facebook - update your Facebook page without your permission to say that you also "Like" the page. You are probably oblivious to this, of course, as by now your web browser has been redirected to pictures of attractive female celebrities on the website of men's magazine Maxim.

It's quite startling how well these "likejacking" attacks can spread via social networks like Facebook.

By hiding an invisible button under your mouse, the hackers are able to capture your click wherever you click on the webpage. So your mouse press is hijacked and secretly clicks on a button which tells Facebook that you 'like' the webpage instead.
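The trick described above only works because the page carrying the real button can be loaded inside a frame on someone else's site. The standard defence a site owner controls is to tell browsers not to allow that, via the X-Frame-Options header or the frame-ancestors directive of Content-Security-Policy. The following checker is an added example, not code from the article or from Sophos; it parses a captured set of response headers (the samples at the bottom are constructed) and reports whether an arbitrary third-party site could frame the response. It also goes slightly beyond the article by covering the CSP directive, which takes precedence over X-Frame-Options in browsers that support both.

```python
"""Decide whether an HTTP response forbids being embedded in a third-party frame.

Clickjacking ("likejacking") needs the target page to load inside an
attacker-controlled frame. Two response headers let a site opt out:
X-Frame-Options (DENY / SAMEORIGIN) and Content-Security-Policy's
frame-ancestors directive. This module parses both and gives a verdict.
"""
from typing import Dict, List, Optional


def _header(headers: Dict[str, str], name: str) -> Optional[str]:
    """Case-insensitive header lookup (HTTP header names are case-insensitive)."""
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value
    return None


def frame_ancestors(csp: str) -> Optional[List[str]]:
    """Return the source list of the frame-ancestors directive, or None if absent.

    Sources are lowercased and stripped of their quotes, so 'none' -> "none".
    """
    for directive in csp.split(";"):
        parts = directive.strip().split()
        if parts and parts[0].lower() == "frame-ancestors":
            return [p.strip("'\"").lower() for p in parts[1:]]
    return None


def assess_framing(headers: Dict[str, str]) -> Dict[str, object]:
    """Return {"framable": bool, "reason": str} for a set of response headers.

    "framable" means an arbitrary third-party origin could embed the page.
    When CSP frame-ancestors is present, browsers that support it ignore
    X-Frame-Options, so CSP is evaluated first.
    """
    csp = _header(headers, "Content-Security-Policy")
    if csp is not None:
        ancestors = frame_ancestors(csp)
        if ancestors is not None:
            # "*" or a bare scheme source (http: / https:) matches any origin.
            if "*" in ancestors or any(a in ("http:", "https:") for a in ancestors):
                return {"framable": True,
                        "reason": "CSP frame-ancestors allows any origin"}
            return {"framable": False,
                    "reason": "CSP frame-ancestors restricts framing to: "
                              + (" ".join(ancestors) or "'none'")}

    xfo = _header(headers, "X-Frame-Options")
    if xfo is not None:
        value = xfo.strip().upper()
        if value in ("DENY", "SAMEORIGIN"):
            return {"framable": False, "reason": f"X-Frame-Options: {value}"}
        if value.startswith("ALLOW-FROM"):
            # Not implemented by all browsers; those that do not know it
            # ignore the header entirely, so it is not a reliable defence.
            return {"framable": True,
                    "reason": "X-Frame-Options ALLOW-FROM is not honoured by "
                              "all browsers; use CSP frame-ancestors instead"}
        return {"framable": True,
                "reason": f"unrecognised X-Frame-Options value {xfo!r}; "
                          "browsers ignore invalid values"}

    return {"framable": True, "reason": "no framing restriction header present"}


if __name__ == "__main__":
    # Constructed sample responses, not captured from any real site.
    samples = {
        "no headers": {"Content-Type": "text/html"},
        "xfo deny": {"X-Frame-Options": "DENY"},
        "csp none": {"Content-Security-Policy":
                     "default-src 'self'; frame-ancestors 'none'"},
        "csp wildcard": {"Content-Security-Policy": "frame-ancestors *",
                         "X-Frame-Options": "DENY"},
    }
    for label, hdrs in samples.items():
        verdict = assess_framing(hdrs)
        print(f"{label:12} framable={verdict['framable']!s:5} {verdict['reason']}")
```

Run it against the headers of any page that hosts a button or form worth protecting; a "framable=True" verdict on such a page is the condition the attack in this article depends on.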

Why are people creating clickjacking worms like this? The answer is simple - to make money. The site is part of the CPALead advertising network, popping up a survey asking for personal information, and helping to generate revenue for those behind this scam.

Facebook really needs to grab this problem by the horns, as it is increasingly being struck by clickjacking worms. The social network should tighten up the way it handles the 'liking' of external webpages before it is more widely abused by malicious hackers and spammers.

After all, this isn't a new problem. In recent weeks we have seen clickjacking attacks on Facebook pretending to be naked pictures of a female rock singer, jokes, and even interesting ways to eat a banana.

It's perhaps no surprise that many people (well, guys at the very least) are all too happy to click on a link which promises to show them pictures of the 101 hottest women in the world.

If you believe you may have been hit by this attack, check the recent activity on your news feed and delete any entries related to the link. You may also be wise to warn your friends in case they followed your lead and clicked on the link too.

If you're a regular user of Facebook, you should join the Sophos page on Facebook to be kept informed of the latest security threats.


About the author

Graham Cluley is an award-winning security blogger, and veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.