Sunday, January 31, 2010

Facebook unnamed app: Hackers poison search results

MUMBAI / BANGALORE, India – January 27, 2010 – IT security and data protection firm, Sophos, has today commented on the scare that is currently spreading between Facebook users. Users of the social-networking site are warning each other of what is rumored to be a rogue application, spying on their activities on Facebook. Users are told in the warning that they can find the "Unnamed app" by going to "Settings"/"Application Settings" and then choosing "Add to Profile" from the drop-down box.

Here's a typical example of the message that is being passed around:

ALERT >>>>> Has your facebook been running slow lately? Go to "Settings" and select "application settings", change the dropdown box to "added to profile". If you see one in there called "un named app" delete it... Its an internal spybot. Pass it on. about a minute ago...i checked and it was on mine.


"Sure enough, when I went to look on a Facebook account I found an ‘Unnamed app’" said Graham Cluley, Senior Technology Consultant at Sophos. "However, I'm not seeing any evidence that the application is malicious. Indeed, it seems to me that the only sin it may have committed might be to have been given a daft unhelpful name. According to Facebook itself, it appears to be a buggy presentation of the boxes tab that appears on users' Facebook profiles."

The news of the "dangerous" app is spreading more quickly than the sensible advice for everyone to calm down. And, as a result, many people are searching the Internet trying to find clues about the Facebook application.

It is at this point that the malicious hackers enter the story. Just as they have done with other Facebook scares (like the Facebook Fan Check Virus scare and the Error Check System application), hackers have created web pages stuffed with keywords related to the "Unnamed" (sometimes "Un named") app.

This and other search engine optimisation (SEO) techniques have helped hackers push their webpages high into the upper reaches of search results.

And if you happen to stumble across one of these malicious sites after searching for information about the "Facebook Unnamed app" you might find yourself infected by fake anti-virus software, designed to trick you out of your hard-earned cash.

Sophos detects the malware seen on these infected webpages as Mal/FakeVirPk-A.

"People may feel they are helping each other by spreading the bogus warning on Facebook, but in fact are potentially putting them at risk" added Graham Cluley.

Graham Cluley is available for comment on +44 (0)7990 552181. Follow Graham Cluley on Twitter: @gcluley. Graham Cluley is recipient of two most prestigious awards in this knowledge domain: ‘IT Security Blog of the Year’ (http://www.sophos.com/blogs/gc) and ‘Twitter user of the Year’ (http://www.twitter.com/gcluley)

# # #

About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use, and that deliver the industry’s lowest TCO. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs—a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards. Sophos is headquartered in Oxford, UK and Boston, US. More information is available at www.sophos.com
Facebook unnamed app: Hackers poison search resultsSocialTwist Tell-a-Friend

No comments:

Post a Comment