Facebook users hit by worm

Facebook users have been warned to watch out for a new worm that tricks users into clicking on a picture that disrupts the interface of the social network.

The worm appears in the form of a picture of a woman in a bikini, with text that reads “Want 2 C Something Hot?” Below the picture there is a red button, with text reading “Click da button, baby!”

If the button is clicked, the link and picture are added to the user’s “wall”, exposing other users to the worm. While the worm is currently inactive, it is suspected that it could be exploited for malicious purposes.

“This worm uses what is technically known as a CSRF (Cross-site Request Forgery, also called XSRF) attack,” AVG emerging threats researcher Nick FitzGerald told ITWire.com.au.

“A sequence of iframes on the exploit page call a sequence of other pages and scripts, eventually resulting in a form submission to Facebook ‘as if’ the victim had submitted a URL for a wall post and clicked on the ‘Share’ button to confirm the post.”

Facebook is reportedly working on fixing the problem.
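
An added illustration, not taken from the article and not a description of Facebook's own fix: the kind of server-side check that rejects the forged wall-post submission FitzGerald describes, by requiring a same-site source and a per-session token that a page on another site cannot read. The origin `social.example`, the `csrf_token` field and the function names are assumptions made for this sketch.

```python
import hashlib
import hmac
import secrets
from urllib.parse import urlsplit

SITE_ORIGIN = "https://social.example"  # assumption: placeholder site origin
SERVER_KEY = secrets.token_bytes(32)    # secret known only to the server


def issue_token(session_id: str) -> str:
    """Token the server embeds in its own share form, bound to one session."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def same_origin(header_value: str) -> bool:
    """True if an Origin or Referer value points at our own site."""
    parts = urlsplit(header_value)
    return f"{parts.scheme}://{parts.netloc}" == SITE_ORIGIN


def check_wall_post(session_id: str, headers: dict, form: dict):
    """Decide whether a wall-post submission was made from the site's own form.

    The session cookie is not evidence: the browser attaches it to a form
    submitted from an iframe on another site just as it does to a real one.
    """
    source = headers.get("Origin") or headers.get("Referer")
    if source is not None and not same_origin(source):
        return False, "cross-site source"
    supplied = form.get("csrf_token", "").encode()
    expected = issue_token(session_id).encode()
    if not hmac.compare_digest(supplied, expected):
        return False, "missing or invalid token"
    return True, "ok"


# Constructed sample requests, all carrying the same valid session cookie.
SESSION = "sess-1234"
GENUINE = ({"Origin": SITE_ORIGIN},
           {"url": "https://news.example/a", "csrf_token": issue_token(SESSION)})
FORGED = ({"Origin": "https://exploit.example"}, {"url": "https://exploit.example/"})
SANDBOXED = ({"Origin": "null"}, {"url": "https://exploit.example/"})
NO_HEADERS = ({}, {"url": "https://exploit.example/", "csrf_token": "0" * 64})

if __name__ == "__main__":
    for name, (hdrs, form) in [("genuine", GENUINE), ("forged", FORGED),
                               ("sandboxed", SANDBOXED), ("no headers", NO_HEADERS)]:
        print(name, check_wall_post(SESSION, hdrs, form))
```

The token check is what still holds when a request arrives with no `Origin` or `Referer` header at all, which is why the source check alone is not relied on.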
