X
Business

Facebook infested with new worm; More proof site is insecure?

Facebook is infested with a new worm, hijacking status updates and spreading like wildfire to other users. Another bit of evidence towards Facebook being insecure, and lax with user privacy and data?
Written by Zack Whittaker, Contributor

Facebook is littered with a worm, seemingly the same one under different names, created by randomly generated developers, which is spreading links all over the site.

Applications like S22BZ5 created by randomly assigned pseudonym 'Jackson Lasseter' has nearly 300 people under the grips of the worm. Others, such as replicated application B5DA8G, 9IHJ35 and AU0ZVE have just under 1,000 people inadvertently spreading the worm.

Just in the last 24 hours, I have seen my own friends' list infiltrated by these worm applications which set status messages via the application without the knowledge of the profile owner, through a shortened link service with an infected GIF file.

legend-worm-tinycc-zaw2.png

A quick Facebook search for 'tiny.cc' and 'is.gd', two link shortening services, shows a great deal of worry and concern over

Links seem to run through imgcrave.info and imgpant.info which then direct the user to an ordinary, legitimate website like Google or YouTube. Once this is done, your Facebook will be compromised, though this only seems to work on a Windows machine.

By looking at the statistics on the tiny.cc webpage alone, it shows nearly 1,000 Facebook users clicking spam the link, with most being unique account holders running Windows with Firefox or Internet Explorer.

ian-fb-everyone-tinycc-zaw2.png

Running an WHOIS on both domains seem to pull up the registered details of a person living in the north of the United Kingdom, with the website based on a server in Denmark. This could fit considering the aforementioned statistics shows more people in the UK being hit by the worm.

This could however be a complicated 'revenge' attack on this person, considering any hacker or malware writer would surely not be stupid enough to leave their own details on a WHOIS record. This is speculation, however.

Once again, this shows Facebook will allow applications which are not verified, that act in a worm or malware like fashion, and allows individual user privacy to become compromised to anyone who can slap together a simple application.

Have you found yourself compromised by a worm application like this? Did you manage to remove it, or did it leave malware on your computer?

Editorial standards