Have you seen messages like these being posted by your Facebook friends?
I thought this survey stuff was GARBAGE but i just went on a shopping spree at walmart thanks to FB = <link> , this wont last long so gooo!
I thought this survey stuff was BULL** but i swear I just used the Best Buy giftcard they sent me here <link> to buy a laptop!
I’ve removed the links from the above examples, but they point to Facebook applications.
In the examples I’ve seen, the messages have one thing in common beyond their wording: they’re all posted “via Mobile Web”, suggesting that the posts (which weren’t made by your friends, just in case you were still in any doubt) may be using a common vulnerability.
What’s interesting is that the application’s name seems to change each time. That obviously makes it harder to tell users what to look out for, and could also make the attack trickier for Facebook’s security team to shut down.
Facebook’s security team may already be on to it – all of the links I have clicked on so far have been blocked (no, I’m not suggesting you try it at home folks). But if there is an unpatched vulnerability which scammers are exploiting, it’s possible we might see a renewed attack wearing a different disguise in the near future.
What’s worrying is that our friends at All Facebook report that the worm can automatically post to your wall and message your friends – helping it to spread virally.
This has been confirmed by one of my colleagues at Sophos – who sent me the following message after one of his online friends was hit in the attack:
"There IS a vulnerability... You click on the link and it automatically adds the app into your apps profile. And it automatically reposts a status (with another random link). Spent an hour checking my friends... and my own apps settings."
Be on your guard against suspicious posts made by your Facebook friends, and if you want to learn more about security threats on the social network and elsewhere on the internet, join the Sophos Facebook page.