Security Watch

Keeping track of patches and hacks in the IT security world.

Beware the Facebook 'Secret Crush'

Spyware has landed on Facebook.

According to researchers at Fortinet, a malicious Facebook Widget actively spreading on the popular social networking site is serving as a lure to trick users into installing the notorious Zango adware/spyware program.


According to a detailed advisory from Fortinet (complete with screenshots), the so-called "Secret Crush" widget powers a software installation that traces back to Zango.

"Needless to say that clicking on 'Download Now' leads to a copy of the infamous Zango adware/spyware. This was formerly known as BetterInternet, and is currently caught by Fortinet as Adware/Zango as can be seen in Figure 6. By downloading, the malicious widget authors get rewarded with a fistful of pennies upon each download (which, after a few million clicks, probably sums up to an impressive total)."

Fortinet said the widget is already being used by 3 percent of the Facebook community, which amounts to more than one million users.