Cybercriminals hijack Facebook accounts through bogus browser extensions

Summary: Researchers from WebSense are warning on a newly circulating fraudulent scheme relying on bogus browser extensions for hijacking Facebook accounts.

By Dancho Danchev for Zero Day | December 22, 2011 -- 12:09 GMT (04:09 PST)

Follow @danchodanchev

Researchers from WebSense are warning on a newly circulating fraudulent scheme relying on bogus browser extensions for hijacking Facebook accounts.

The add-ons, advertised as DivX plug-ins or coupon generator, use the Facebook API (Application Programming Interface) to post unauthorized messages on behalf of Facebook users who log in from the affected browsers.

According to the researchers, at the moment, only Chrome and Firefox plugins are used.

Topics: Browser, Social Enterprise

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

2 comments

Log in or register to join the discussion

RE: Cybercriminals hijack Facebook accounts through bogus browser extensions

I am alerting my group about this. How many Facebook hijacks are running at this time? Can you provide a list? Please advise.

fw32

23 December, 2011 04:49

Reply Vote

Facebook is a privacy and security nightmare...

I discontinued this Facebook thing a couple of months ago....<br>These guys have built an empire for themselves selling our personal information for money.....and of course for target advertising<br>To make the matters worse, their entire structure is un secure and vulnerable to hacks, hijacks and are spending little resource and efforts to keep the users safe.<br><br>They are killing the golden goose which has made them so rich overnight out of thin air!

Dwight Kunder

24 December, 2011 01:04

Reply Vote

The best of ZDNet, delivered