Share
Millions of people use the various applications on Facebook to share opinions and kill time. However, some of those applications are offering more than simple amusement. AVG’s Roger Thompson has discovered that they are offering Rogue anti-virus software.
Hijacked Facebook applications leading to Rogue anti-Virus.
Thompson’s research shows that at least seven applications on Facebook that have been hijacked to point to malicious domains in Russia that are serving Rogue anti-Virus software. What’s interesting, Thompson noted, is that not only are the application users victims, but the application developers are too.
One such application, CityFireDepartment, allows a player to become a fireman. However, players who have installed the application have reported that it leads to Rogue anti-Virus installations. Checking up on those claims, Thompson confirmed that CityFireDepartment was not malicious itself, but hijacked by attackers using malicious IFRAMES.
Loading the application, users are immediately targeted by exploits aimed at Adobe’s software, and through no interaction on their own, Rogue anti-Virus is installed on their systems. Several users have reported the issue, but at this time, it is still a problem.
Thompson wasn't sure where the vulnerability was in the hijacked Facebook application. However, the criminals are targeting it to alter the destination used by the IFRAME at least once a day.
In addition to the CityFireDepartment application, MyGirlySpace, Ferrarifone, Mashpro, Munameis, Pass-it-on, Fillinthe, and Aquariumlife are also being exploited.
Thompson suggests avoiding these applications, as well as maintaining software patches, such as the application of the recent Adobe patches. More details, as well as images, are on Thompson’s blog.
The Tech Herald: Rogue anti-Virus holding systems hostage
The Tech Herald: Not all Rogue anti-Virus software is created equal
The Tech Herald: A guide to Facebook security and privacy
Interested in a more interactive TTH? Join our Facebook Group Want regular updates from The Tech Herald? Follow us on Twitter
Advertising
Comment on this Story