A new configuration of the Carberp Trojan that targets Facebook users to commit financial fraud. Unlike previous Facebook attacks designed to steal user credentials from the log-in page, this version attempts to steal money by duping the user into divulging an e-cash voucher. Carberp replaces any Facebook page the user navigates to with a fake […]
Continue ReadingSummary: When using the Facebook ‘Messages’ tab, there is a feature to attach a file. Using this feature normally, the site won’t allow a user to attach an executable file. A bug was discovered to subvert this security mechanisms. Note, you do NOT have to be friends with the user to send them a message […]
Continue ReadingFacebook users have been subjected to clickjacking attacks that force them to authorize actions they had no intention of approving. The latest few campaigns seen by SophosLabs, for instance, target Italian users of the social network. COCA COLA: Dopo aver visto questo video non berrò più coca cola. Svelata la ricetta segreta. Guarda il video […]
Continue ReadingDuring last weekend a viral rogue app campaign hit Facebook again. This time the application was called “Profile Creeps” which, like many other rogue applications before it, promises to do what Facebook simply doesn’t allow *ANY* app to do – let us know who looks at our profile. But users are still tricked into installing […]
Continue Reading