Friday, September 10, 2010

Cheerleaders Gone Wild clickjacking tempts Facebook users

This Cheerleaders Gone Wild clickjacking attack hid behind a fake content warning.
This Cheerleaders Gone Wild clickjacking attack hid behind a fake content warning.
(Credit: Sophos)
A new clickjacking scam was spreading on Facebook luring victims with a purported video of "cheerleaders gone wild," a security expert warned on Thursday before Facebook shut the attack down. Victims' accounts were posting messages that said "cheerleaders gone wild - have to see this" with a photo of, you guessed it, a cheerleader carrying pom poms. Clicking the link led to a warning that the content may be inappropriate for some users and prompted users to confirm that they are 18 or older, said Graham Cluley of Sophos, who bravely clicked the link for research purposes only, of course.
Another warning then popped up pretending to be an antispam mechanism that asked the user to click three buttons numbered 1, 2, and 3 in a specific order. Once that was done and the "submit" button was clicked, the user's account then submitted that it "likes" the Cheerleaders Gone Wild page and that message was broadcast from the victim's account to his or her newsfeed for all friends to see, Cluley said.


Read more: http://news.cnet.com/security/?tag=hdr;snav#ixzz0z89WUNUS
By at
Labels:
  • WPF Command bindings - Mouse clicks
    The following article discusses the WPF command binding feature with relation to Mouse clicks. One of WPF powerful features is the bindin...
  • Reading and Writing Files in SQL Server using T-SQL
    SQL Server has never been short of ways to read from and write to files and it is always better to use the standard techniques provided b...
  • WPF BorderBrush
    This article demonstrates the way to work with WPF BorderBrush. The Border control in WPF is used to draw a border along the edges of a c...