Trojans on Facebook

Discussion in 'malware problems & news' started by Pinga, Oct 16, 2009.

Thread Status:
Not open for further replies.
  1. Pinga

    Pinga Registered Member

    Aug 31, 2006
  2. chronomatic

    chronomatic Registered Member

    Apr 9, 2009
    Wow, I am surprised. Facebook is vulnerable. :D
  3. the Tester

    the Tester Registered Member

    Jul 28, 2002
    The Gateway to the Blue Hills,WI.
    That's interesting, but not a surprise.
    Validation for my lack of trust in social network type sites?
  4. Rmus

    Rmus Exploit Analyst

    Mar 16, 2005
    Probably better odds of not encountering something on Facebook than on the world wide web! From earlier this summer:

    55,000 Web sites hacked
    According to this blog about the Facebook trojan, the application had an i-frame embedded in the code which redirected the user to a Russian Web site whereupon a rogue security application exploit was set in motion.

    In his blog, Thompson writes,

    This implies some type of code injection exploit, such as SQL in web pages. But in another article, Thompson is quoted:

    Hacked Facebook apps
    You may remember that the Gumblar PDF exploits also gained access to thousands of web sites by compromised FTP passwords, whereupon the malicious code was embedded in the pages.

    Thompson doesn't detail exactly how the Facebook exploit is triggered. Is it a social engineering ploy? Or remote code execution? One of his screenshots shows the download of Antivirus Pro 2010 in progress but he also states:

    Another article has this to say:

    Hacked Facebook Apps Lead to Fake Antivirus Software
    What software? An old IE exploit? PDF?

    Not surprising, since no real helpful information is given, no preventative measures are discussed. Also not surprising, these other articles link back to the AVG blog, which ends with

    All of this is not to downplay the significance of this exploit, but whether Facebook or a Google poisoned link which redirects to a malicious site, preventative measures which inform about the social engineering tricks, and proper security against remote code execution attacks apply in all cases.

    Same old stuff.

Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.