Facebook Slammed By Adware Attack
A security researcher calls the weekend attack 'stunning in terms of scale.'
Lured by the promise of the "sexiest video ever," hundreds of thousands of Facebook users found their PCs infected by adware over the weekend.
More Hardware Insights
- The Untapped Potential of Mobile Apps for Commercial Customers
- The Critical Importance of High Performance Data Integration for Big Data Analytics
- IDC Analyst Connection: Using Blade Systems to Cut Costs and Sharpen Efficiencies
- Data center consolidation restructures your IT costs for continued growth: New discovery tools determine logical and physical move dependencies to help limit risk
Unsuspecting users clicked on a thumbnail showing a miniskirt-clad woman on an exercise bike, apparently posted on their Facebook page by a friend. Instead of seeing the video, users were told they did not have the correct software installed and were directed to download the necessary application. Then, instead of accessing video software, users downloaded popup-spewing adware, according to security software developer Sophos.
The malware uses Hotbar, a toolbar that connects to Internet Explorer and Windows Explorer, and connects users with paid ads and search engines, according to Switched. The toolbar also may gather personal data and download other updates from its server.
"You may want to watch a sexy video, but you're more likely to end up being plagued by pop-up advertising," said Graham Cluley, a senior technology consultant at Sophos, told The Economic Times. "It's no surprise that your friends might click to watch the movie when it looks to all intents and purposes that you are the person who has sent it to them."
In fact, more than 300,000 users reported the problem to AVG Technologies, said Roger Thompson, chief research officer at the developer of free anti-virus software.
"This latest issue really underscores how powerful, while at the same time vulnerable, social networking applications are. This attack was actually stunning in terms of scale,” he said. “Facebook is very responsive to threats when we identify them, and removing these applications as soon as they find them, but they’re still able to generate huge traffic, just because of the viral nature of social networks. It is staggering how many threats were propagated before they were stopped.”
Within 15 hours of the attack, Facebook removed the application, Thompson said. In a "Tip of the Week" on Monday, Facebook cautioned account-holders not to click on suspicious-looking links, even if they'd apparently been sent or posted by a friend.
This is not, of course, the first or last malware attack targeting Facebook users. In March, for example, McAfee warned Facebook users about a password-stealing phishing attack, where scammers sent emails purportedly from the social networking site, telling users their passwords had been reset and users had to click on an attachment to retrieve it. The attachment was, in fact, a password stealer that installed when clicked.
Download the first issue of InformationWeek's Boardroom Journal, with our cover story on how to explain your plan for SaaS to the top brass in your company. Also in this issue: Five areas where SaaS can trip you up; what SaaS really delivers; and why HR departments must take extra care when using SaaS. Get it here. (Registration required.)