Saturday, April 23, 2011

A deeper look into the recent Facebook spams - A HackingAlert Exclusive!!



Facebook is recently been under heavy attack as lots of spam are flooding through walls and chat application .
i personally feel that there are two big reasons for the spread of this spam -
1 > users trust almost anything that is there on their wall
2 > Facebook is dirty(as i have been saying in many of my posts)

Its everywhere now and top security companys are now questioning about the level of security and sofistication that the FBML and FML provide to us .
I do not blame facebook completely for this but obviously they are responsible for it in some way or the other.
To prevent yourself and staying secure,read the following post :Facebook users exposed to attacks.
To tell you about what this spam is all about , in simple words they are Facebook registered applications that are designed specially for spreading spam.
facebook opened its platform for developers for building applications in 2007 and since then this has been a serious problem for them . Later on i will tell you why facebook is too lame about these applications.

Let me take you through a recent spam that has been flowing around the walls and gets posted in every group you are added into . look at the following snapshot .


Now these Free facebook t-shirts and wallpapers are nothing but the links to some facebook applications .
Now how these applications work is that they contain a link to an external page that contains an iframe which gets injected into your perticular facebook id and performs malicious functions .
This application belongs to the following facebook link :
http://www.facebook.com/apps/application.php?id=207445695941052

Now when you open this link in a seperate browser then obviously nothing will happen as you are not logged into your facebook . Carefull examination of various links and sources took me to this malicious applications root .
Its actually a flaw in the iphone application of facebook that is surprisingly yet not fixed .
For those who want to know more here is the complete iframe tag that is doing all the fuzz :
"//

 I will suggest my readers to not to play with this script as it is still not fixed by facebook and can cause some damages ehich can lead to account suspension .
A slight change in this php code brings us to the next big spam on facebook which says "know who visited your profile". It looks somthing like this :


Now again examine the link that is there at the bottom of this post .  make sure its in a different browser in which you are not logged into facebook.
It will take you to the following link :
http://www.facebook.com/l.php?u=http%3A%2F%2Fx.co%2FWl7B%2F%3F40231&h=f4f10

Which is again a link to some malicious facebook application and upon further examination it took me to an external website which had a hit of 26,000 user in todays date . Did this click you somthing?
Yes , This applciation is designed to bring traffic to that perticular website so as to earn revenue through referals and advertisments . Everytime you click on this link thinking that its going to tell you "who viewed your profile" , you are adding dollars into that perticular website's account .


 Facebook Dirty again !!


So i now come back to my infamous quote again that I made last year on my blog about facebook . Hope it remains infamous .
I wonder why the hell is facebook not quick in taking action against such malicious applications .
I myself reported about this flaw to facebook twice and still the following snap shows that facebook has shown no attention to it.


I posted that same script on my wall , and it got successfully posted too . Had it been fixed by facebook then it would not have appeared on my wall. Anyways , the point is that how facebook platform is getting nasty now . Facebook's big part of revenue comes from the various applications that are built by companies and developers. So Facebook is quiet lame in taking action against the platform indipendency or making the information less accessible to the application builders.
I see a big trouble for facebook in coming future because it is just a matter of time when some black hat completely takes the whole platform down in one go . Facebook shold take some serious actions , knowing that around 500 million users privacy is at stake .


DARKLORD!!

7 comments:

  1. really awsome work man...great post...

    ReplyDelete
  2. you are true,the spam has affected the users alot. hope it gets fixed soon.

    ReplyDelete
  3. the problem with the facebook platform is its openness , By the way abhinav , dont you think that posting a valid potential code of spam in your blog can land you into trouble.

    ReplyDelete
  4. @Carl : i have reported about this code to facebook . Now if they dont care enough to fix it then what can i do for that . At some point or the other things go in favour of me . Still i think you have to be good enough to modify this code and apply it in an application . This is just the code , but how to use it and where to use it is not as easy as it seems . Still potential hackers can use it easily . Headache for the lame users. Thnx..

    ReplyDelete
  5. Very informative post Abhinav. I am also tried a lot to get this kind of spam block to my profile....and tried too but not succeed as you. Anyways thanking you for sharing the reality.....

    ReplyDelete
  6. thanks for the sharing,some have informed me that there could be virus in these type of posting, my overseas fb friends have warned on this.

    ReplyDelete
  7. Fb has been reporting a huge groth in spam in the recent time . Hope it gets fixed soon . Though no serious case of virus attack has been heard so far but definetly there has been a lot of addware attack.

    ReplyDelete