Rogue Facebook Application Toolkit Made Available
Investigators from Websense's Security Labs are warning that a new toolkit valuing $25 is on sale in the underground market which allows the making and dissemination of rogue applications for Facebook.
Actually, a person using the DIY (do-it-yourself) kit can gain a template that's designed to help disseminate malware while it takes victims onto click-fraud accounts as also gets Facebook members to participate in phony surveys leading to personal data compromises.
Explained the security company, purchasers of the kit needn't know how to create with Facebook since instructions accompanying the kit conveniently guide users to develop any malicious and active Facebook app. ZDNet.com published this on February 8, 2011.
Incidentally, according to Websense, the toolkit named TinieApp has been lately used in attacks with the rogue applications -"Creeper Tracker" and "Profile Creeps" which were launched against Facebook during the 1st week of February 2011.
Furthermore, states the company, the existence of Facebook app templates similar to TinieApp reveals the manner in which there's increased spamming around Facebook. Actually, these rogue applications are customized to work on the platform resulting in more-and-more of Web spam, it explains. Msnbc.msn.com published this on February 8, 2011.
Meanwhile, elaborating on TinieApp, Senior Manager of Security Research Patrik Runald at Websense said that it was a case of making online scams a commodity. Theregister.com published this on February 8, 2011.
According to Runald, cyber-criminals will persistently exploit whenever possible all resources obtainable on the World Wide Web, even Facebook, so they may steal information or make money. With the templates facilitating malicious Facebook apps and other attack kits getting introduced, there occurs a considerably lowered threshold for allowing evil operations. Also, as there's an increasing commoditization of these toolkits, the number of cyber-attackers and potential victims too escalates, Runald adds.
Eventually, TinieApp is simply one more in the basket of different attack kits, which cyber-criminals are employing and selling online. Indeed statistics reveal that 61% or more of the total modern cyber-assaults are executed through automated exploit kits, as per Symantec another security company in its report studying the most popular attack kits namely Neosploit, MPack and Zeus.
Related article: RSA Attendees Responsible for Wireless Vulnerability
» SPAMfighter News - 16-02-2011