I thought of finding the logic behind this. When I clicked on this i landed on an application named "Candid Camera Prank! [HQ]". Once i clicked on this, i got message like thanks for subscribing to watch video click on continue. Once you click continue, it will ask you for some common FB options like:
* Publish on your wall, and
* Access your public data
Generally nobody bother about it and click on "Allow", this is so i did and this was my mistake. It will show you a nice photograph along with a sweet error something like "Your FLV player is not up-to-date and you need to download the latest version". I clicked yes and a good named "VLCSetup.exe" but ugly file downloaded on my desktop.
After doing all this efforts i was not able to see the video, then angrily and tiredly i returned back to my profile and i was shocked. What am i looking on my wall. The very same posting is published on all of my friends wall with my name as a suggestive comment to them.
Please remove the application by following the simple steps.
Goto your "Account"-> "Application Setting", find "WINAMP" in the list and click on 'X' to Remove application from you profile.
But any was this was a king of SPAM of i could say Scripting virus. The file downloaded which we discussed recently was actually a "Adware" but the detection was very poor. You may find the detection here:
Websense posting about the same
http://securitylabs.websense.com/blogs/securitylabs/archive/2010/05/15/sexiest-video-ever-on-facebook.aspx
This was all the issue of FB applications, how a naive user allows an application to do with their data whatever it wants. I think Web2.0 Awareness is prevention against these kind of attacks. This could happen on any social networking websites.
http://securitylabs.websense.com/blogs/securitylabs/archive/2010/05/15/sexiest-video-ever-on-facebook.aspx
This was all the issue of FB applications, how a naive user allows an application to do with their data whatever it wants. I think Web2.0 Awareness is prevention against these kind of attacks. This could happen on any social networking websites.
"h@v3 @ $@f3 br0w$!n9"
nj0y !!!
No comments:
Post a Comment