Feeds

False Facebook charge group used to spread malware

Malware pokes outraged users

The Essential Guide to IT Transformation

Updated A false rumour suggesting that Facebook is to start charging is being used to bait malware traps.

Thousands of disgruntled punters, angry at the $4.99 a month charge for using the social networking site that will supposedly kick in from June (or July, according to other false reports) have been induced to visit "protest group" sites in response to spam emails. However, in reality, there is no such plan and the protest pages often contain malware, as urban myth debunking site Snopes warns:

The protest page was a trap for the unwary; clicking on certain elements of it initiated a script that hijacked users' computers. Some of those who did venture a click had their computers taken over by a series of highly objectionable images while malware simultaneously attempted to install itself onto their computers.

Snopes published its warning on 31 December, but groups on Facebook itself protesting the supposed upcoming charges remain active almost two weeks later. A quick check on one such UK group contains no scripting unpleasantness directly, but it does link to numerous third-party sites whose provenance remains suspect. Searching for "Facebook charges July 2010" leads to fake blog entries as well as some legitimate results, evidence of an ongoing black hat SEO campaign of a type commonly used to punt rogue security scanner software over recent months.

A Facebook spokeswoman confirmed the charging rumour was false, adding that it was prepared to clamp down on groups spreading the bogus gossip about social networking fees.

We have removed the largest groups, however, we didn't find any malicious links. We take security very seriously and respond quickly to user reports of suspicious content and behaviour.

Despite Facebook's actions the rumour of supposed charges continues to circulate, creating an environment that may be abused in further black hat SEO attacks. ®

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
Four fake Google haxbots hit YOUR WEBSITE every day
Goog the perfect ruse to slip into SEO orfice
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.