New Facebook Worm Spreads Like Wildfire

 Earlier today (May 4, 2011) or possibly last night (May 3, 2011), I noticed a few odd posts on Facebook from friends with odd descriptions like "OMG this is amazing!" or "you MUST see this!" I didn't think anything of it and deleted the post. I figured it was maybe a spammy app that someone manually signed up to (where you agree to authorize an app to post on your behalf.)

Tonight, I have been seeing exponentially more of these posts and now believe it to be some sort of exploit that, upon clicking, posts itself to all of your friends walls. I have not confirmed this yet since I have not myself clicked one of these links in fear of contamination.  The ability of a Facebook App to post on your wall and to your friend's walls was previously only possible by giving authorization to that app via a click through screen. However, hackers may have found a loop hole which results in this activity.

It seems the hackers chose the extremely hot topic of Osama Bin Laden's death to entice users to click on the malicious links. Do NOT click on any of these links or you risk being infected. 

Figure 1.

Figure 2

Tips:

• Do not even click any suspicious looking links on Facebook, even if it looks like your friend is posting directly to you, or even messaging you.
• Visit your Facebook Application Settings page revoke (click the X) any applications (especially the suspicious looking kind) access to your Facebook account. If you accidentally revoke one that you actually want, you can simply add it back by going to the application provider's page or website.

   Tweet