August 8, 2008 9:07 AM PDT

Facebook's new worm turns your friends into enemies

Posted by Matt Asay

Facebook has a worm. It was bound to happen: As the web increases in popularity, it was just a matter of time before security bad guys started targeting web applications in earnest. Recent research from IBM suggests that the pace of security vulnerabilities on the web is accelerating.

This particular worm on Facebook is highly insidious:

The worm spreads when a compromised user's account is used to send message to others with a title such as "LOL. You've been catched on hidden cam, yo:" and a link to a random URL. The linked website is a YouTube-like page that shows a video player along with what looks like a standard browser message to update your Flash installation. Clicking on the button begins a malware installation of a file called "codecsetup.exe."...

The worm uses the friend's picture to make it seem all the more legitimate. Once compromised, keylogging and the like kick in.

In other words, it's even worse than Facebook without the worm. :-)

I'm not a big fan of Facebook - that's not a secret. I think Mike Schroepfer joining Facebook will help. The company is certainly improving the sort of applications that live on its platform. Facebook will work through this issue and will continue to improve, but for now...beware your Facebook friends.

Topics:

Industry news

Tags:

Facebook,

security,

malware,

worm

Bookmark:
Digg
Del.icio.us
Reddit
Recent posts from The Open Road
New startups explore new niches for open source
Analysts as a lagging indicator of success
Symbian on the decline: Time to move on open source
The key to making money: Charge for your product
MySQL's Monty Widenius leaves Sun
Add a Comment (Log in or register) 4 comments
by enderandrew August 8, 2008 4:49 PM PDT
That isn't a Facebook worm. That is a standard email scam that has been circulating all over the place.

When someone writes a Facebook app with the Facebook API that directly propagates malware that would be a Facebook worm.
Reply to this comment
by enolazco August 11, 2008 9:26 AM PDT
WOW, You really hate Facebook

As enderandrew said, it's just a email problem. The same problem you will have on any social network which allows message sending (or wall posting). Why it happened on facebook? maybe because more people use it.
Reply to this comment
by softwaredesignengineer August 11, 2008 10:09 AM PDT
Geez, this is called "spam". Even other social networking sites like Orkut have these problems showing up almost on a daily basis with links to javascript files.

Facebook should just shutdown this app. Finish.
Reply to this comment
by newuser1235 August 18, 2008 2:22 PM PDT
How do we remove it?
Reply to this comment
Powered by Jive Software
advertisement

Latest tech news headlines

Resource center from News.com sponsors
What you need in business class email.
Mailtrust

Click Here!
Never worry about email again. From mobility and shared calendaring to virus and spam protection starting at only $3 per mailbox. more>

Rackspace Mailtrust
Total Email Relief

We'll take care of your email so you can take care of your business.

14 Day Free Trial

With expert support 24x7x365 we guarentee 100% uptime. Try us for free for 14 days. Never worry about your email again.

Just $3 per mailbox

Choose the plan that is right for your company and only pay for what you need.

About The Open Road

Matt Asay brings a decade of in-the-trenches open-source business and legal experience to the Open Road, with an emphasis on emerging open-source business strategies and opportunities. Matt is general manager of the Americas division and vice president of business development at Alfresco, a company that develops open-source software for content management. He is a member of the CNET Blog Network and is not an employee of CNET. Disclosure.

Add this feed to your online news reader

The Open Road topics

Featured blogs

advertisement

Inside CNET News

Scroll Left Scroll Right

  • News - Business Tech

    Chrome's JavaScript challenge to Silverlight

    The advent of Google's Chrome browser, software pros say, should spur a big speedup for JavaScript, which would raise its standing against Microsoft's Silverlight technology.

  • Gallery

    Photos: Top 10 reviews of the week

    Here are CNET Reviews' 10 favorite items from the past week, including the TiVo HD XL, Sony Cyber-shot DSC-H50, and the Dish Network's newest digital TV converter box.

  • News - Apple

    Apple watchers spot 'iPod Nano' pix, iTunes hints

    The rumor mill has long been predicting a longer, leaner new version of the iPod Nano, and now it's conjuring up some pictures.

  • Outside the Lines

    EIC Squared: Chrome, iPods, and a Dell-Salesforce union

    On this week's EIC Squared podcast CNET's Dan Farber and ZDNet's Larry Dignan discuss Google's latest rocket launch--the Chrome browser--as well as Apple's iPod event next week and a Dell-Salesforce.com union.

  • Video

    Katie Couric reflects on first Webcast

    The political conventions are over and so are CBS Evening News anchor Katie Couric's first series of Webcasts. CNET's Kara Tsuboi sat down with Couric on the final night of the Republican National Convention to discuss what she liked about Webcasting, some of her most memorable guests, and whether TV news will still be around by the next round of conventions.

  • News - Digital Media

    At 10 years old, whither Google?

    Daniel Sieberg of CBS News looks at how the company grew exponentially from start-up to superstar and part of our culture, but what's ahead?

  • Video

    YouTube plays party politics

    During the presidential campaigning four years ago, YouTube didn't even exist. Now it's a tool candidates must master to get their message across. CNET's Kara Tsuboi stops by the YouTube upload booths at the Democratic and Republican conventions to find out why Google's video site has such a big presence in Denver and St. Paul, Minn.

  • News - Gaming and Culture

    Are Demo and TechCrunch50 fragmenting their audiences?

    With both events scheduled to start Monday, many press, as well as venture capitalists and others are having to choose which one to attend.

  • News - Cutting Edge

    Execs predict next Google-like tech

    On eve of company's 10-year anniversary, researchers and business pundits speculate about what technologies might someday have as much impact as Google.

  • Gallery

    Images: The art of 'Spore' prototypes

    Will Wright and his Maxis team worked on dozens of prototypes to test the elements of their soon-to-be-released evolution game. Here's a sampling.

  • Webware

    At the TechCrunch50, an unfair advantage?

    Inside baseball: How Webware and other blogs can compete with TechCrunch in covering the TechCrunch50 event.

  • Green Tech

    Duke Energy to invest in mini solar power plants

    Can hundreds of rooftop solar panels collectively operate like a central power plant? Duke Energy launches $100 million distributed solar program to find out.

News
Latest news
Business tech
Green tech
Wireless
Security
Media
Popular topics
Apple iPhone
Apple iPod
Dell
PlayStation 3
Wii
Windows Vista
CNET sites
CNET TV
Downloads
Forums
News
Reviews
Site map
More information
Newsletters
Corrections
Customer Help Center
RSS
What's new
About CNET