Huge 'sexiest video ever' attack hits Facebook
'Stunning' attack targeted Internet Explorer users, planted adware on victims' PCs
Computerworld - A huge attack by a rogue Facebook application last weekend infected users' PCs with popup-spewing adware, a security researcher said Monday.
On Saturday, AVG Technologies received more than 300,000 reports of the malicious Facebook app, said Roger Thompson, AVG's chief research officer. AVG came up with its tally by counting the number of reports from its LinkScanner software, a free browser add-on that detects potentially poisoned pages.
"It was stunning, really, the number," said Thompson in an interview via instant message late Monday. "And stunning that it was not viral or wormy [but that] Facebook did it all by itself."
The volume of reports on Saturday's rogue Facebook software was highest during the nine-hour period between midnight and 9 a.m. Eastern, with spikes of approximately 40,000 per hour coming at 7 a.m. and noon. For the day, AVG received more than 300,000 reports, triple that of AVG's second-most-reported piece of spyware.
According to Thompson, Facebook eradicated the rogue application about 15 hours after the attack started. Facebook's only acknowledgment of the attack came on its security page, where a "Tip of the Week" Monday morning read: "Don't click on suspicious-looking links, even if they've been sent or posted by friends."
But other security firms also noted the attack. Both U.K.-based Sophos and U.S. security company Websense dubbed the attack "Sexiest video ever," based on the message that appeared on Facebook users' walls, seemingly from their Facebook friends.
Clicking on the link lead users to a Facebook application installation screen, where users were asked to allow the software to access their profiles and walls. Once approved, the application claimed that users had to download an updated version of FLV Player, a popular free Windows video player.
The download was nothing of the sort, but instead the notorious Hotbar adware, a toolbar that inserts itself into Internet Explorer, then starts displaying pop-up ads and links.
The attack spread as the malicious Facebook app posted the same "Sexiest video ever" message on the walls of victims' friends.
According to Thompson, the massive attack demonstrates the power of large social networking sites.
"Facebook is very responsive to threats when we identify them, and removing these applications as soon as they find them, but they're still able to generate huge traffic, just because of the viral nature of social networks," he said in a statement earlier Monday. "It is staggering how many threats were propagated before they were stopped."
Criminals have recognized the value of abusing Facebook to spread adware, launch identity theft attacks or plant malware on users' PCs. Kaspersky Lab, for example, recently estimated that almost 6% of all identity theft attacks originated from Facebook in the first three months of the year, putting the site in fourth place behind PayPal, eBay and the London-based bank, HSBC.
"This was the first time since we started monitoring that attacks on a social networking site have been so prolific," Kaspersky's report said.
Websense offers a free tool called Defensio that, among other things, protects Facebook pages against spam, unwanted URLs and malicious content.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer or subscribe to Gregg's RSS feed . His e-mail address is email@example.com.
Read more about Web Apps in Computerworld's Web Apps Topic Center.
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Six Ways Your Small Business Can Save with Internet Phone Service Traditional phone systems present two main problems for businesses: limited features and high costs. As a result, small businesses are migrating to Internet...
- Face Time Anytime Real-time communications facilitates team collaboration from nearly anywhere in the world. With facts and figures you can use to justify an investment
- Now is the time to implement a video conference solution Video conferencing is getting a lot of buzz lately due to the recent cost decrease, making it tangible for many law firms. It's...
- Video drives engagement Achieving maximum results means building a solid platform and network infrastructure. As digital age unfolds, it's clear that the ability to communicate effectively...
Enhance Your Virtualization Infrastructure With IBM and Vmware
Date: Wednesday, May 14, 2014, 1:00 PM EDT
Virtualization technology is now expanding beyond the server compute elements to encompass networking and storage...
Transforming Finance, Procurement and Supply Chain Effectiveness with Cross-Functional Analytics
Date: May 6th, 2014
Time: 1 PM EDT
Attend this Webcast to find out how Oracle's packaged analytic applications enable line-of-business managers to examine all...
All Web Apps White Papers |