Facebook Users Fall Victim To ‘Likejacking’ Attacks

Attackers have updated a clickjacking attack on Facebook users, a technique that Sophos has dubbed “likejacking.”

During Memorial Day weekend in the US, a clickjacking worm roped in hundreds of thousands of Facebook members with messages such as “The Prom Dress That Got This Girl Suspended From School.” This time, however, the attackers are using a new set of lures, including a promise of naked pictures of rock singer Hayley Williams of the band Paramore and teen pop singer Justin Bieber’s phone number.

Link spreads virally

Clicking on the links takes Facebook users to a third-party site with a message that reads, “Click here to continue if you are 18 years of age or above.” Wherever the visitor clicks on the site, the mouse click is hijacked, forcing a click on a button that tells Facebook they “like” the webpage. This gets published on the person’s Facebook page and shared with their friends, spreading the link virally.

The attacks using references to Bieber and Williams are only two examples. Others include a link targeting World Cup enthusiasts that prompts the visitor to install what purports to be an “HD Flash TV plugin”; a link for a site claiming to be about the BP oil spill; and another claiming to be about the movie “Shrek Forever After.”

So far, the attackers don’t seem to be doing anything malicious other than disrupting users’ Facebook accounts. However, attackers could always take it a step further, noted Sophos Senior Technology Consultant Graham Cluley.

“The number of attacks appears to be increasing as more people discover just how easy this is to do, and there’s a real danger that things could turn more malicious,” Cluley said.

Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved
