Hackers Use Hooky Application as Lure in Facebook Attack

Cyber criminals have recently started targeting social-networking website Facebook via a host of fresh e-mail scams.

For instance, in one scam, a phony client argued over an application page, which apparently contained a legitimate Facebook URL. The page has since been withdrawn.

The page's hosting provider was 'Ripway Hosting,' an utility that script kiddies often employ and exploit, said Chris Boyd, Researcher at IM security company FaceTime, as reported by TheRegister on August 17, 2009.

The FaceTime researcher further said that the scam involved no application from Facebook, except an authentic Facebook application URL and the scam page hosted by Ripway.

Another phishing scam against Facebook is captioned "sex sex sex and more sex!!!' that involves e-mails and a fake Facebook app. The application dispatches notices, which try to guide prospective victims to an online site that harvests credentials.

A Trend Micro security researcher said - the URL links in the notification messages take users to a harmful site that a domain named fucabook.com hosted.

Trend Micro said that the server related to fucabook.com downloaded a JavaScript just after utilizing HTTP meta refreshtags in an attempt to halt the actual Facebook site while directing the victim to enter his login credentials.

Besides, miscreants' attempts of harvesting credentials aren't something new, nor are end of the processes. The same hijacked accounts could be used to distribute junk e-mails or to launch more destructive campaigns. Thenceforth, miscreants could determine the ecommerce or Internet banking accounts of a potential victim, prior to invading the same.

Boyd said - it appears that somebody created an account at Facebook for developing application, posted a "consumer disagreement web-page" of fraudulent nature on the Ripway Hosting service. Moreover, the person managed to place on his App page and then began diverting users of Facebook onto it.

However, the FaceTime researcher informed both Facebook and Ripway about the problem and urged them to find out more information about the fake page's content.

Meanwhile, Facebook and other similar websites are now favorite targets for phishers, considering the massive popularity they have gained recently.

Related article: Hackers Redirect Windows Live Search to Malicious Sites

» SPAMfighter News - 9/2/2009