Facebook users clickjacked by the 101 Hottest Women in the World

Facebook users are being hit by yet another clickjacking worm attack that is exploiting the third-party “Like” button facility (dubbed “likejacking” by Sophos).

Many Facebook users’ profiles have been updated by the clickjacking attack to say that the user likes a webpage called

:|:| 101 Hottest Women in the World :D :|:|

Facebook user liking 101 Hottest Women in the World

If you are curious as to what your online friend “likes” and click on the link you are taken to a webpage containing an image of Hollywood actress Jessica Alba.

101 Hottest Women in the World

Sophos detects the page as Troj/Iframe-ET.

Clicking anywhere on the page will – if you are logged into Facebook – update your Facebook page without your permission to say that you also “Like” the page. You are probably oblivious to this, of course, as by now your web browser has been redirect to pictures of attractive female celebrities on the website of men’s magazine Maxim.

It’s quite startling how well these “likejacking” attacks can spread via social networks like Facebook.

By hiding an invisible button under your mouse, the hackers are able to capture your click wherever you click on the webpage. So your mouse press is hijacked and secretly clicks on a button which tells Facebook that you ‘like’ the webpage instead.

Sign up to our free newsletter.
Security news, advice, and tips.

Why are people creating clickjacking worms like this? The answer is simple – to make money. The site is part of the CPALead advertising network, popping up a survey asking for personal information, and helping to generate revenue for those behind this scam.

Facebook really needs to grab this problem by the horns, as it is increasingly being struck by clickjacking worms. The social network should tighten up the way it handles the ‘liking’ of external webpages before it is more widely abused by malicious hackers and spammers.

After all, this isn’t a new problem. In recent weeks we have seen clickjacking attacks on Facebook pretending to be naked pictures of a female rock singer, jokes, and even interesting ways to eat a banana.

It’s perhaps no surprise that many people (well, guys at the very least) are all too happy to click on a link which promises to show them pictures of the 101 hottest women in the world.

If you believe you may have been hit by this attack, view the recent activity on your news feed, check your recent activity, and delete entries related to link. You may also be wise to warn your friends if they might have followed your lead and also clicked on the link.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.