The next time you “like” a story via Facebook, your friends might catch more than your taste in articles. Security experts are warning that malware is now being spread via Facebook links in a new attack.
According to IDG developer Caleb Brown, the exploit was easy to execute and very hard to detect. In one case, it was executed in around 10 lines of HTML code.
“It could use some exploits in browsers to install malware without a user knowing,” he said. “Because they’re clicking the ‘Like’ button, it has a viral effect of encouraging friends to like it as well.”
In one example of an attack, the Web page loads an invisible layer that sits on top of the content the user wishes to work with. Everywhere the mouse moves, an invisible ‘Like’ button follows it. Once the user clicks anywhere on the page, they’ve added a potentially bad page to their Facebook news stream.
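A page can be audited for the invisible ‘Like’ button described above by checking whether any Like-plugin frame is effectively transparent. The following is an added example, not code from the article or from Brown; the like.php plugin path, the 0.1 opacity threshold and the record shape are assumptions of the example.

```javascript
// Added example: flags Like-plugin iframes that a visitor cannot see.
// Assumptions: the like.php plugin path and the 0.1 opacity threshold.
const LIKE_PLUGIN = /^(https?:)?\/\/(www\.)?facebook\.com\/plugins\/like\.php/i;

// A frame record is { src, chain }, where chain lists the computed
// { opacity, position } of the iframe and then each ancestor up to <html>.
function effectiveOpacity(chain) {
  // Opacity compounds: a transparent wrapper hides an "opaque" iframe.
  return chain.reduce((acc, s) => acc * Number.parseFloat(s.opacity), 1);
}

function auditFrames(frames) {
  const findings = [];
  for (const frame of frames) {
    if (!LIKE_PLUGIN.test(frame.src)) continue; // not a Like widget
    const opacity = effectiveOpacity(frame.chain);
    if (!(opacity < 0.1)) continue; // visible widgets are expected
    const floating = frame.chain.some((s) => ["absolute", "fixed"].includes(s.position));
    findings.push({ src: frame.src, opacity, floating });
  }
  return findings;
}

// Browser-side collector: builds the records from a live document.
function collectFrames(doc) {
  const view = doc.defaultView;
  return Array.from(doc.querySelectorAll("iframe"), (el) => {
    const chain = [];
    for (let n = el; n; n = n.parentElement) {
      const cs = view.getComputedStyle(n);
      chain.push({ opacity: cs.opacity, position: cs.position });
    }
    return { src: el.src, chain };
  });
}

// Constructed sample records (not captured from a real page).
const SAMPLE_FRAMES = [
  { src: "https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fexample.com%2F",
    chain: [{ opacity: "1", position: "static" }, { opacity: "0", position: "absolute" },
            { opacity: "1", position: "static" }] },
  { src: "https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fexample.org%2F",
    chain: [{ opacity: "1", position: "static" }, { opacity: "1", position: "static" }] },
  { src: "https://example.net/widget", chain: [{ opacity: "0", position: "fixed" }] },
];

if (typeof document !== "undefined") console.log(auditFrames(collectFrames(document)));
else console.log(auditFrames(SAMPLE_FRAMES));
```

Run in a browser console, it audits the current page; elsewhere it audits the constructed sample, where only the first record is flagged because its wrapper is transparent.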
Brown said the amount of information that could be gathered by websites using ‘Like’ buttons was also large and could potentially be misused.
“It’s scary the amount of information that they gather,” he said. “If you say you ‘Like’ something, it means you’re okay with [the site owners] sending you updates…they have access to your profile photo, your name or more depending on your privacy settings.”
But while the biggest threat came from websites dedicated to gathering information and spreading malware, Brown said trusted websites could also be hijacked using very common attacks.
“Cross-site scripting is one of the most common vulnerabilities on the Internet,” he said. “It lets someone embed JavaScript into a Web page and then execute on a browser using that.
“The only way to find out you’re doing it is to look at your profile news feed. If you see that you’ve posted something you don’t remember, you’ll have to delete it.”
Changing your privacy settings can also disable the function entirely, Brown said.
Full disclosure: ARN uses Facebook ‘Likes’ and is a subsidiary of IDG Communications.