ie8 fix
madison

Zero Day

Ryan Naraine, Emil Protalinski and Dancho Danchev
Home / News & Blogs / Zero Day

Hackers selling $25 toolkit to create malicious Facebook apps

By | February 8, 2011, 7:36am PST

Summary: Malicious hackers are selling a $25 toolkit to anyone interested in creating and distributing dangerous Facebook applications

Malicious hackers are selling a $25 toolkit to anyone interested in creating and distributing dangerous Facebook applications, according to researchers at Websense Security Labs.

The do-it-yourself toolkit offers a template for spreading malware, directing users to click-fraud accounts and for pushing Facebook users to bogus surveys to hijack personal information.

follow Ryan Naraine on twitterThis commoditization of Facebook malware is further confirmation that social networks are a happy hunting ground for cyber-criminals looking to hijack personal data for use in identity theft attacks.

“The buyer doesn’t have to have development experience with Facebook, he/she just needs to follow the accompanying instructions and a working viral Facebook application is at their disposal,” the company explained.

Websense researchers have linked the toolkit, called TinieApp, to the recent “Profile Creeps” and “Creeper Tracker” rogue app attack that appeared on Facebook over the last week.

“This phenomenon of template Facebook applications like Tinie app shows how the spamming culture is consolidating more and more around Facebook, adapting to the platform and increasing what we call Web spam,” Websense added.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Zero Day”

Topics

Facebook, Cyberthreats, Spam, Spyware, Adware & Malware, Advertising & Promotion, Security, Spam And Phishing, Marketing, Ryan Naraine

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues.

Disclosure

Ryan Naraine

The most important disclosure is of my employment with Kaspersky Lab as a member of the global research and analysis team. Kaspersky Lab is a global company specializing in anti-malware and secure content management technologies. I do not own stocks or other investments in any technology company.

Biography

Ryan Naraine

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content management technologies.

Prior to joining Kaspersky Lab, Ryan was Editor-at-Large/Security at eWEEK, leading the magazine's and Web site's coverage of Internet and computer security issues and managing the popular SecurityWatch blog, covering the daily threats, vulnerabilities and IT security technologies. He also covered IT security, hacker attacks and secure content management topics for Jupiter Media's internetnetnews.com.

Ryan can be reached at naraine SHIFT 2 gmail.com. For daily updates on Ryan's activities, follow him on Twitter.

13
Comments
Add Your Opinion

Join the conversation!

Just In

RE: Hackers selling $25 toolkit to create malicious Facebook apps
lovedong 13th Sep
Fantastic! I love it!! grin rolex watches
View in thread
0 Votes
+ -
RE: Hackers selling $25 toolkit to create malicious Facebook apps
bnlf 8th Feb 2011
crackers you mean
0 Votes
+ -
RE: Hackers selling $25 toolkit to create malicious Facebook apps
Hallowed are the Ori 8th Feb 2011
@bnlf

He should have said "Scum".
0 Votes
+ -
RE: Hackers selling $25 toolkit to create malicious Facebook apps
WarhavenSC 8th Feb 2011
No, not crackers. Crackers are in the business of cracking/removing software serial numbers -- hence, the name.
0 Votes
+ -
Thank you Big [Clueless] News Media of the 80's
dragosani 8th Feb 2011
@WarhavenSC

The whole hacker vs cracker definitions has become so muddled no one can get anything properly labelled anymore.

The term Computer Cracker came from people "cracking" or breaking into computer systems. Over time it got shortened to just Cracker. I would imagine the term was coined from Safe Cracker. Both breaking into computer systems and breaking into safes and vaults is considered "cracking".

Hackers are people who are interested in how computers systems work. Some of them for nefarious purposes, some for altruistic purposes, and others just for the sheer curiosity.

That was more or less how they were defined before the big news medias of the 80's came in a painted everything hacking without any distinction. The tech community has been fighting this since.
0 Votes
+ -
RE: Hackers selling $25 toolkit to create malicious Facebook apps
lovedong 13th Sep
Fantastic! I love it!! grin rolex watches
0 Votes
+ -
RE: Hackers selling $25 toolkit to create malicious Facebook apps
I12BPhil 8th Feb 2011
I'm not surprised. Our current society does nothing to teach anyone what it means to be a decent human being. No one has any self respect or even cares to know what that means. The current generations make the 80s look selfless.
0 Votes
+ -
question can we find them explain them
Quebec-french 8th Feb 2011
with a baseball bat
0 Votes
+ -
RE: Hackers selling $25 toolkit to create malicious Facebook apps
jonlberg 8th Feb 2011
Maybe Zucker should drop $25.
0 Votes
+ -
LOL
james347 8th Feb 2011
Of course.
0 Votes
+ -
Avoid Facebook
Avoid Facebook Updated - 8th Feb 2011
We want to voice our opinion and frustration because Facebook has become a target for personal information seekers. SSL might help a little. It's just that when you ask for too much information it bound to attract information seekers. For all of us who are concerned about Facebook issues we have created the website called Avoid Facebook @ http://www.AvoidFacebook.com
0 Votes
+ -
RE: Hackers selling $25 toolkit to create malicious Facebook apps
zdnet@... 9th Feb 2011
Am I the only one that finds everything Facebook and Twitter malicious in and of themselves? Just think what might be achieved if the time spent on just these two was spent, say, reading a good book.
0 Votes
+ -
RE: Hackers selling $25 toolkit to create malicious Facebook apps
WemiZemi 9th Feb 2011
Sounds like a good investment to me dude. Wow.

www.net-privacy.at.tc
0 Votes
+ -
RE: Hackers selling $25 toolkit to create malicious Facebook apps
GetCocoon Updated - 10th Feb 2011
There is an interesting tidbit about this app at crshare.com

Begin---------------------------------
Now, this is the good part:

When the user uses your application, you are given control over that user:

You can:-
-Post status updates on their BEHALF (as if you were theme) anytime.
-Post messages/links to 25 of their friends walls at anytime.
-Post on any Fan pages the user is an admin of at anytime.
-Send to/collect the users e-mail (useful for mail advertising)
End----------------------------
http://crshare.com/tinie-app-v36/

This app hijacks the user account.

Privacy & Malware Protection: http://www.getcocoon.com

Join the conversation!

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
ie8 fix
Click Here
ie8 fix

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources
ie8 fix
ie8 fix