For the second time in less than a week, Facebook users have fallen victim to a widespread attack due to malicious third-party applications. The latest attack is sending out notifications that users are in violation of Facebook's Terms of Service.
For the second time in less than a week, Facebook has been forced to squelch a rogue application targeting users of the site.
In the most recent attack, Facebook users receive
stating they have been reported for violating Facebook's terms of
service by someone in their friends' list. A link in the notification
leads to an application called ""f a c e b o o k - - closing down!!!"
The application in turn spams messages out to the victim's friends
that are similar to this one: "[Friend's name] has just reported
you to Facebook for violating our Terms of Service. - This is your
official warning! - Click here to find out why you were reported! -
Request Facebook look at what has happened and rule immediatley."
According to Sophos, Facebook appears to have removed the application. However, the challenge of what to do about securing third-party applications
a week ago, users were hit by a similar application called "Error Check
System," which posted fake error notifications in a Facebook user's
profile in its attempt to spread.
Whoever was behind that initial scheme did not stop there, though.
If victims put the phrase "Error Check System" into a Google search,
one of the top results led to a site that attempted to
trick visitors into downloading rogue anti-virus
While security vendors offered no numbers to indicate how many users
had been affected by the attacks, researchers at Trend Micro noted this
second attack caused enough of a stir for Facebook users to
create a "Facebook Group" for those hit by the malware.
"One of the problems is that Facebook allows anybody to write an
application, and third-party applications are not vetted before they
are made available to the public," blogged Sophos Senior Technology
Consultant Graham Cluley. "So, even as Facebook stamps out one
malignant application, it can pop up in another place like a poisoned
mushroom with a different name."
Facebook has repeatedly said that the responsibility for securing
third-party applications lies with the developers themselves. However,
some security pros fear that rogue applications
will be an ongoing challenge for social networks.
"Surely these two events in just a single week mean that it's about
time that Facebook reviews its application hosting policy," blogged
Trend Micro researcher Rik Ferguson. "Prevention of rogue applications
with extremely dubious intent to propagate freely within the site is
needed. Users are advised to exercise extreme caution when surfing."