http://news.bbc.co.uk/2/hi/technology/10224434.stm Page last updated at 9:54 GMT, Thursday, 3 June 2010 10:54 UK Hundreds of thousands of Facebook users are falling victim to so-called "clickjacking" attacks, warn web security labs. Facebook members see links to subjects such as "World Cup 2010 in HD" or "Justin Bieber's phone number" that their friends appear to have "liked". Clicking the link tricks users into recommending the site on Facebook too. Security experts say the scam currently has no malicious intent but could be adapted to deliver malware. The link generally takes the user through to a page containing an instruction, such as asking them to click a button to confirm that they are over 18. However, wherever they click on the page it adds a link to their own Facebook profile saying they have also "liked" the site. Currently the purpose of clickjacking is "trivial" and does not actively result in any malware or phishing attacks, said Graham Cluley, senior technology consultant at Sophos. "At the moment the attacks which we've seen are more like old-school viruses - written for the heck of it to see how many fans they can get. "But our feeling is that it would be fairly easy for the bad guys to introduce some revenue generation for themselves," he told BBC News. Clickjacking works across all computer operating systems, added Mr Cluley. The Facebook attack uses iFrames, which essentially places an invisible button over an entire web page, so that wherever the user clicks, they end up hitting the button - in this case a hidden Facebook "like" button. A free plug-in called NoScript, built for the Firefox web browser, includes pop-up warnings about potential clickjacks. However, it will also query clicks on Flash videos, commonly used on many websites - and it is not easy to install, said Mr Cluley. "You have to be a little bit nerdy to configure it." Ads by Deegle
|
Thursday, June 03, 2010
Facebook "Clickjacking" Spreads Across Facebook
Subscribe to:
Post Comments (Atom)
10 Day Weight Loss Pills
Popular Posts
-
About ten years ago I contracted Morgellons from staying outside, looking up, photographing and videoing chemtrails for 45 minutes str...
-
Yes, we need a thorough investigation. Just in: A webpage that has been removed showing more recent photos of Trayvon : Google cache...
-
Yes, I've heard of the Web Bot - Thank you for this, Sylvia! Dee Opcion de 2 Documentos, uno en ingles y el otro traducido por g...
-
And for Good Reason! – FLAGSTAFF, Arizona — A relatively new type of drug-resistant Staphylococcus aureus could represent the world’...
-
Dr. Brad Eli Founder and Director San Diego Headache and Facial Pain Center Dr. Brad Eli is the Founder and Director of the San Diego...
-
BRAY’S POINT, Ore. – They can’t be moved; even when yanked by a four-wheel drive truck pulling on heavy chains tied around these humming met...
URGENT - Your LIBERTY at RISK
GET A GROUPON!
Curious about what the future holds? Click here to find out how you can receive a 10 minute psychic reading from Psychic Source.
Calculator-1.com - The Best Free Online CalculatorŠ½
No comments:
Post a Comment