A “worm” has been spreading through Facebook, trying to take advantage of users’ friend relationships to send spam messages containing potentially harmful content. Facebook’s security team says it has disabled the current attack and adds that less than .002 percent of its 90 million users were affected (around 180,000). But if you were a victim, here’s what you got, as explained by security firm Sophos earlier this week.
The malware works by directing your ‘friends’ on the social-networking websites to click on a link [see screenshot] to another site purporting to contain a video clip. If they are tricked into downloading an executable to ‘watch’ the video at the third party website, a message is displayed: “Error installing Codec. Please Contact Support”
The “executable” software would then use a variety of techniques to extract potentially sensitive information from your computer. This is not the first time that Facebook has been under attack from bad hackers, as Nick O’Neill notes — and being a targeted web service is a red badge of success. And of course, MySpace and other large rivals have also been targeted. Yesterday, we covered a panel discussion about security issues on social networks, during the Black Hat hacker conference in Las Vegas. Meanwhile, Facebook’s data team was at a neighboring security-related conference in Vegas, called Defcon — where the team fixed the worm.
Facebook and other large sites will no doubt continue to face attacks — a Sophos study claims that 41 percent of Facebook users risk revealing sensitive information that could be used to do things like fake their identities. Keep in mind, of course, that Sophos gets its business (and press coverage) from the same security issues that it’s reporting on.
Indeed, users themselves bear some responsibility for doing things like clicking on an ad that looks like the image above, or sharing their passwords with random people. At some point, all social networks can do is try to keep their users informed about the threat and how to counteract it.