Immunet Blog

This week, Facebook users were struck with a clickjacking worm that deceives users into “liking” sites to spread the virus. Clickjacking, similar to phishing, either tricks users into giving away sensitive information or works by hackers taking control of a computer when a user clicks on what seems like a harmless site. Here’s how the Facebook clickjacking worked, as reported in InformationWeek:

Clickjacking -- also known as likejacking -- works by spamming Facebook users with such content as "LOL this girl gets owned after a police officer reads her status message” and “the prom dress that got this girl suspended from school."

Click on the link, and a user will go to a seemingly blank page that says “click here to continue.” But thanks to “an invisible iFrame,” said [Graham Cluley, senior technology consultant at Sophos, on the company’s blog], clicking anywhere on the page actually republishes the attack content and link on the Facebook user’s status page, “in a similar fashion to the ‘Fbhole’ worm we saw earlier this month.” Fbhole likewise spread via Facebook status messages.

Other recent examples of this type of attack include, the “Distracting Beach Babes.”   If you’re struck, the key is to remove all the "likes and interests" from your profile. Then, delete the page from your newsfeed, most likely to be found in the ‘Recent Activity’ section of the profile but you may have scroll down for a bit. Then, get yourself protected to keep it from happening again. Your best bet is a product, like Immunet Protect, that is designed specifically to target malware on social networks, in particular Facebook. And if you haven’t yet been hit, download AV protection now as a preventative measure.

There’s really no reason not to take this simple step. It’s free to download Immunet Protect, it’s lightweight and won’t slow down your computer, and it provides essential security for your PC.

Yesterday, Facebook’s CEO Mark Zuckerberg promised new privacy controls in the Washington Post, amid some criticism of the site’s recent changes. Kudos to Zuckerberg for stepping up and reinforcing Facebook’s commitment to users. In the Washington Post, Zuckerberg  points out, "there needs to be a simpler way to control your information.” And "in the coming weeks, we will add privacy controls that are much simpler to use." Great! But what he didn’t address was the troubling influx of malware on the site in recent weeks.

Let’s recap. There was the free giftcard scam, the Facebook worm, the beach babe virus, the “sexiest video ever,” among others. The malware that users share on Facebook spreads like wildfire because Facebook's viral sharing hooks really work, even if the content being shared is damaging to end users. 

We know that Facebook’s security team is hard at work trying to combat the malware issues that arise when criminal hackers are financially motivated to prey upon Facebook’s 400 million active users. However, while Facebook is doing what it can to keep us safe through their own security controls and through user education (like the Facebook Security page), ultimately the responsibility to protect -  both ourselves and our networks - falls on us. Facebook has no control over what software you do or don't have installed on your PC to protect yourself, but you can see why Facebook would be a safer community if every user on Facebook had real-time, effective antivirus protection that they could easily share for free. 

With antivirus products like Immunet Protect that are specifically tailored protect users of social networks like Facebook, it’s never been easier to be safer online, or easier to protect your community. It takes seconds to download protection that will last you a lifetime. What are you waiting for?