Clickjacking Worm Exploits Facebook "Like" Feature

← Back to Stories (view on slashdot.org)

Clickjacking Worm Exploits Facebook "Like" Feature

Posted by StoneLion on Monday May 31, 2010 @03:17AM from the it's-no-robert-morris dept.

An anonymous reader writes "For the last 24 hours, a series of attacks have exploited Facebook's 'Like' feature through a clickjacking vulnerability. Using subjects such as 'This Girl Has An Interesting Way Of Eating A Banana, Check It Out!' hackers have spread an attack that links to web pages that use invisible iFrames to trick users into saying they like the content. Users are presented with a innocent-seeming web page that says 'Click here to continue,' but clicking at any point on the page publishes the same message to their own Facebook page. Security blogger Graham Cluley says that hundreds of thousands of Facebook users have been hit, and offers advice on how to clean up affected Facebook profiles.

8 of 124 comments (clear)

Min score:

Reason:

Sort:

Link? by Ecuador · 2010-05-31 03:21 · Score: 5, Funny

I hate posts without proper links...
So, who will post the direct link to the girl with an interesting way of eating a banana?

--
Violence is the last refuge of the incompetent. Polar Scope Align for iOS
1. Re:Link? by Low+Ranked+Craig · 2010-05-31 04:50 · Score: 3, Funny
  
  The banana is a lie!
  
  --
  I still cannot find the droids I am looking for...
2. Re:Link? by Anonymous Coward · 2010-05-31 05:01 · Score: 1, Funny
  
  So, who will post the direct link to the girl with an interesting way of eating a banana?
  
  I will. Here it is.
  
  That video's got to be at least 3 years old, and I'm still impressed.
I was afraid to click the link... by Robin47 · 2010-05-31 03:26 · Score: 3, Funny

after that article.
Re:Advice by gEvil+(beta) · 2010-05-31 03:33 · Score: 2, Funny

Here. I'll offer the simplest advice you can get: Stop clicking on stupid shit.

I can't wait till a link from the Idle section turns out to be serving up malware...

--
This guy's the limit!
Re:caterpillar by WrongSizeGlass · 2010-05-31 03:50 · Score: 4, Funny

Why does the Slashdot section on worms have a picture of a crawling caterpillar?
They do it just to bug people ;-)
Interesting, but... by Anonymous Coward · 2010-05-31 03:52 · Score: 1, Funny

This has been going on for weeks, I received three at least two weeks ago. It wasnt that hard to realize it was malicious; my sister doesnt tend to care about how other women eat bananas
Re:Advice by vlm · 2010-05-31 04:06 · Score: 5, Funny

Eh. The scammers use "stupid shit" as the bait because that's what works. If "intelligent shit" started attracted the most clicks, they'd start using that instead.
OK I'm all confused now. Just answer the question, is "Why Apple Is So Sticky" safe to click on or not?

--
"Science flies us to the moon. Religion flies us into buildings." - Victor Stenger