Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




111 posts

Master Geek


Topic # 78858 9-Mar-2011 17:13
Send private message

Hey guys,

Just wanted to warn you on something that seems to be spreading rapidly fast.

It seems hackers figured out how to post to your Facebook profiles by you accidentally visiting their malicious website, there's no apps, there's no permissions, if you're logged into Facebook and click on their website it will post to your Facebook, I suspect it has something to do with your browser cookies. I'm going to research this and write up a blog post explaining it and how to protect yourself against it.

So don't go clicking on any dodgy looking videos posted by your friends on Facebook, or visit any malicious links.

If you do accidentally fall for it, make sure to visit your Facebook profile immediately and check to see if anything is posted to your wall, if it is then click the little cross that appears on the top right of the post "Remove AND Unlike"

I'll update this post with more details when I do some more research into this.

[Moderator edit (MF): moved to other forum]

 

Create new topic
536 posts

Ultimate Geek


  Reply # 447021 9-Mar-2011 17:33

[citation needed]

Infrastructure Geek
4041 posts

Uber Geek
+1 received by user: 193

Trusted
Microsoft NZ
Subscriber

  Reply # 447022 9-Mar-2011 17:36
Send private message

i *think* that if you are using Internet Explorer and you add facebook.com to your trusted sites, any other sites that are out of the trusted list which try to post to facebook.com will fail.

if you can reproduce the 'hack', then give that a go and see if it mitigates it.




Technical Evangelist
Microsoft NZ
about.me/nzregs
Twitter: @nzregs


 
 
 
 




111 posts

Master Geek


  Reply # 447035 9-Mar-2011 18:01
Send private message

Turning on SSL seems to have stopped the one malicious website but not the other.

As far as I can make out, it's Javascript that is initiating the whole "Like and Posting" on your Facebook wall.



Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Red Hat unveils production-ready open source hyperconverged infrastructure
Posted 23-Jun-2017 22:10


Whatever ailed Vodafone broadband … seems to be fixed
Posted 23-Jun-2017 14:10


VMware NSX Meets Stringent Government Security Standards with Common Criteria Certification
Posted 22-Jun-2017 19:05


Brother launches next-generation colour laser printers and all-in- ones for business
Posted 22-Jun-2017 18:56


Intel and IOC announce partnership
Posted 22-Jun-2017 18:50


Samsung Galaxy Tab S3: Best Android tablet
Posted 21-Jun-2017 12:05


Wellington-based company helping secure Microsoft browsers
Posted 20-Jun-2017 20:51


Endace delivers high performance with new 1/10/40 Gbps packet capture card
Posted 20-Jun-2017 20:50


You can now integrate SMX security into Microsoft Office 365, Google and other cloud email platforms
Posted 20-Jun-2017 20:47


Ravensdown launches new decision-making tool HawkEye
Posted 19-Jun-2017 15:38


Spark planning to take on direct management of all consumer stores
Posted 19-Jun-2017 10:03


Qrious acquires Ubiquity
Posted 14-Jun-2017 12:21


Spark New Zealand prepares for 5G with Nokia
Posted 14-Jun-2017 12:16


The future-proof 10.5-inch iPad Pro
Posted 13-Jun-2017 18:16


Mandatory data breach reporting in Australia
Posted 13-Jun-2017 11:30



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.