Viral and Malicious Facebook Application Toolkit

Exploits Hacking Tools News / Stories Privacy Attacks Social Engineering Attacks

During last weekend a viral rogue app campaign hit Facebook again. This time the application was called “Profile Creeps” which, like many other rogue applications before it, promises to do what Facebook simply doesn’t allow *ANY* app to do – let us know who looks at our profile. But users are still tricked into installing apps that promise to do just this. And just like most others, the latest one leads to a survey that in the end generates money for the people behind the app.

Facebook Profile Creeps

let’s look at a very similar fraudulent application that “can” allow Facebook users to know who “creeps” at their profile, called “Facebook Profile Creeper Tracker Pro”. The application asks for some permissions, shows an online survey/advertisements and tells the user at the end of the process that he/she is the one that looks at his/her own profile the most. In other words, this application should be revoked according to the terms and conditions of Facebook.

“Facebook Profile Creeper Tracker Pro” and similar fraudulent applications
Facebook Profile Creeper Tracker

This application was built with a pre-defined toolkit called “Tinie app” which is a Facebook viral application template available in some variations for only $25 or even less. The next image is one of the template images in the toolkit that aims to give some directions to the buyer, besides the full-blown step-by-step guide that comes with the kit itself:

Tinie Viral App

The buyer doesn’t have to have development experience with Facebook, he/she just needs to follow the accompanying instructions and a working viral Facebook application is at their disposal.

Source: Websense Security Labs Blog