Sign in to follow this  
Peaches

Facebook Shuts Down Malicious Fake Profiles

Recommended Posts

October 1, 2009

Facebook shuts down malicious fake profiles

by Elinor Mills

Facebook on Thursday fended off an attack in which multiple identical profiles were created to spread malware.

Antivirus provider AVG Technologies said users of its LinkScanner service detected numerous profiles that were identical except with different names and each included a link to what was represented as a home video but which instead displayed a fake antivirus alert when clicked. The scams are designed to trick people into paying for software they don't need, to get credit card information from victims for identity fraud purposes, and often to install spyware on the computer.

"Clearly, the Data Snatchers have found a way to automate the creation of Facebook accounts, which means they've found a way to bypass the Facebook Captcha," Roger Thompson, chief of research at AVG, wrote in a blog post. Successfully translating a Captcha, a hard-to-read image of letters supposed to ensure that a human is involved, is required for a new account .

The malicious link was blacklisted by the major Web browsers and Facebook was blocking the URL from being shared on its site, said Facebook spokesman Simon Axten. Meanwhile, the company was working to identify all the fake accounts and disable them, he added.

Axten disagreed with the AVG speculation that the Captcha system had been broken.

"We're looking into how these accounts were created, but it's very likely that the sign-up process was manual, or that the person behind the attack farmed out the Captchas to be solved by humans for a price," Axten wrote in an e-mail.

Story & screenshots at CNET News - http://news.cnet.com/security/

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this