Feeds

Facebook found pimping crudware

Serves up ads for deceptive security software

Secure remote control for conventional and virtual desktops

Facebook has become the latest website to be found pushing services that deliver highly deceptive security warnings designed to trick users into buying software.

Purveyors of this scam are making use of Facebook Flyers, small ads that get posted on Facebook pages associated with a specific region. At 5,000 impressions for just $10, it's a bargain.

We spotted a Flyer targeted at Facebook users in the San Francisco region that purportedly advertised a dating service. When clicked, the ad delivered a warning that our machine could be infected. Those who click through are taken to a site for a product called Malware Alarm which informs their machine is "infected with spyware!" The site then urges the user to download Malware Alarm.

Screenshot of Facebook flyer with popup warning that user's computer may be infected with malware.

Clicking on the Flyer that says "Join for Free" brings up this popup. The warning is part of a scam designed to trick Facebook users into buying unneeded security software.

Security vendors say Malware Alarm's free version gives bogus security warnings designed to con end users into buying a premium version of the program. The software has been reported to flag common Windows files and innocuous programs as malware.

Facebook isn't the only site that's been found to push such "crudware," as we've come to call programs such as Malware Alarm. Last week, a security researcher's blog hosted on Blogspot was found to also found to redirect users to a site associated with Malware Alarm. MSN and MySpace have also been found promoting the programs, which also go by the term scareware.

While there are no reports showing Malware Alarm steals passwords, sends out spam or engages in other malicious activity, the program is considered a pariah in security circles. The ability of its purveyors to infiltrate Facebook's advertising system raises questions about what else may be slipping through the cracks at the social networking site.

We contacted a Facebook representative to see if they were even aware of the problem but didn't get a response. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
Why did it take antivirus giants YEARS to drill into super-scary Regin? Symantec responds...
FYI this isn't just going to target Windows, Linux and OS X fans
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
prev story

Whitepapers

Driving business with continuous operational intelligence
Introducing an innovative approach offered by ExtraHop for producing continuous operational intelligence.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Reducing the cost and complexity of web vulnerability management
How using vulnerability assessments to identify exploitable weaknesses and take corrective action can reduce the risk of hackers finding your site and attacking it.