No. 1 Story

HP job cuts loom for Australian employees

A number of Australian employees of Hewlett-Packard are facing the loss of their jobs as the global computer giant looks to slash its worldwide workforce by up to 30,000.

read more

Related Articles

Facebook, worm, the, loose
Juniper offers SSL VPN security for the iPad
Juniper Networks has extended its SSL VPN security to the iPad with the release...
Read More
Social networking - the security dilemma
A recent survey by security company Sophos exposes the dilemma to business posed by...
Read More
How unique is your presence on the Internet?
You might think that thousands, nay millions of people will be on the Internet...
Read More
AppLabs and Original Software Partner to Help Clients Take the Step from Manual to Automated...
- Sponsored Editorial - AppLabs sees huge value proposition for its clients with...
Read More
Planit tests the water in New Zealand
- sponsored editorial - Australian independent software testing and training organisation, Planit,...
Read More

More From

Popular Threads

Facebook worm is on the loose

David Heath
Tuesday, 24 November 2009 05:15

Business IT - Security

View Comments
When you see the hot chick in the black bikini, saying "Want 2 C Something Hot?" Don't Click da Button, baby!

If you receive the Worm email and go to the link that's offered, you'll see a comely wench in a black bikini saying "Want 2 C Something Hot?"  Below, there's a red button with the text "Click da button, baby!" 

Do so, and if you're logged into Facebook, the link and picture will be added to your wall.  Anyone who is looking at your wall and clicks the link will also be afflicted and so on.

Currently, there is no evidence of any nastiness attached to the worm, but of course that may change at any time.

According to AVG's Emerging Threats Researcher, Nick FitzGerald, "This worm uses what is technically known as a CSRF (Cross-site Request Forgery, also called XSRF) attack. A sequence of iframes on the exploit page call a sequence of other pages and scripts, eventually resulting in a form submission to Facebook "as if" the victim had submitted a URL for a wall post and clicked on the "Share" button to confirm the post."

Currently iTWire is advised that Facebook is working on the problem and in the mean-time users of AVG's Linkscanner product (available for free) are fully protected from this issue.

Our Services for Technology Professionals

E - mail News SMS Headlines Desktop Alerts News Feeds Job Alerts Technology Events Press-Releases