Precision Computer's Bits & PCs
Trying to avoid life's electronic potholes
Store Info and a Map
Listen to us Mondays at 8:30am
- General
- Internet
- Vista
- New Items
- Conficker
- Windows 7
- Bad Computer Work
- Security
- Viruses
- Reviews
- Office 2010
- August 2010
- July 2010
- June 2010
- April 2010
- March 2010
- November 2009
- October 2009
- September 2009
- June 2009
- May 2009
- April 2009
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| « Aug | ||||||
| 1 | 2 | 3 | 4 | 5 | ||
| 6 | 7 | 8 | 9 | 10 | 11 | 12 |
| 13 | 14 | 15 | 16 | 17 | 18 | 19 |
| 20 | 21 | 22 | 23 | 24 | 25 | 26 |
| 27 | 28 | 29 | 30 | |||
11/24/09
From PC Magazine
Facebook Worm Sells Itself with a Booty Call
Gadi Evron noted a new Facebook worm over the weekend. The hook to it appears in a friend’s profile as the racy image at left.
Click the image, and you are brought to a Web page with the same image.
Analysis by famous malware analyst Nick Fitzgerald calls this a CSRF
(Cross-Site Request Forgery) attack, a cousin to cross-site scripting:
A sequence of iframes on the exploit page call
a sequence of other pages and scripts, eventually resulting in a form submission to Facebook “as if” the victim had submitted a URL for a wall post and clicked on the “Share” button to confirm the post.
Afterward, you are redirected to a porn site.