We have received reports of another JavaScript-based spam scam doing the rounds in Facebook. This one involves a friend's profile posting a link to your wall. Should you click on the link in the friend's post , the JavaScript code send spam to your Friends list and so the snowball spam effect grows. TrendMirco's malware blog had a good write up of the attack method here: http://blog.trendmicro.com/dubious-javascript-code-found-in-facebook-application/ Sounds like introducing friends and family to NoScript Firefox extension [1] would be one way to avoid a large number of phone calls of "Help!" over the next few days. Thanks to reader Roseman and others for writing in with details. [1] http://noscript.net/
Chris Mohan --- Internet Storm Center Handler on Duty |
Chris 105 Posts ISC Handler May 12th 2011 |
Thread locked Subscribe |
May 12th 2011 9 years ago |
Sophos now has a write of the early part of this event (before it had mutated much):
http://nakedsecurity.sophos.com/2011/05/12/preventing-spam-scam-on-facebook-does-exactly-the-opposite/ |
Anonymous |
Quote |
May 12th 2011 9 years ago |
The Sophos writeup says the javascript behind this is retrieved off an .info domain. What domain is it and has that domain been reported to malwaredomains.com?
|
John Hardin 62 Posts |
Quote |
May 12th 2011 9 years ago |
Sign Up for Free or Log In to start participating in the conversation!