Facebook clickjacking: Dirty Italian schoolteacher undresses

by Paul Baccas on February 10, 2011 | 1 Comment

Filed Under: Clickjacking, Facebook, Social networks, SophosLabs, Spam

Italian users could be at risk of being clickjacked on Facebook, as a new attack is seen spreading between users.

SophosLabs has been seeing some detections of Mal/FBJack-A from Italian users, as they attempt to watch a video of a stripping Italian schoolteacher.

Video tease

The webpage presents itself as though it is about to play a video. It's title reads:

Professoressa SP0RCACCIONA si SP0GLIA nei banchi scuola per scommessa , VIDEO DA NON PERDERE

If you don't speak Italian, here is a rough translation 'in inglese':

Dirty teacher undresses between the school desks. Video not to be missed.

Searching on Google I was able to find over 3000 apparent links to the attack page, indicating that the scam is widespread on Facebook at the moment.

Google results

Here is what an infected Facebook user's page would look like, with mention of the clickjacking page in their "Likes" section:

Image of an infection on an affected user's Facebook page

Facebook users not using Sophos Anti-Virus can protect themselves from clickjacking threats like this by using browser plugins such as NoScript.

NoScript blocking the clickjacking attack

Facebook users can learn how to protect themselves by reading Sophos's recommendations for Facebook security. Interestingly, our advice looks much sexier in Italian: Consigli di Sophos per le impostazioni di Facebook.

To keep informed about the latest Facebook security threats, please join the Sophos page on Facebook where we regularly highlight new attacks.

Tags: , , ,

One Response to Facebook clickjacking: Dirty Italian schoolteacher undresses

  1. PhilCat says:
    February 24, 2011 at 9:32 am

    Now lets see the actual process of how lax FaceBook reviews scam ad's placed on their servers.

    Reply Report comment

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <pre> <q cite=""> <strike> <strong>

About the author

Paul O Baccas joined Sophos in 1997 after studying Engineering Science at Oxford University. Currently, he is employed as a Senior Threat Researcher, SophosLabs UK, with areas of interest including: non-PE malware, spam, data leakage, linux and Mac threats. Paul has published several papers, and was a technical editor for the "AVIEN Malware Defense Guide." He has written articles for security industry journal Virus Bulletin and is a frequent contributor to the Naked Security site.