Facebook Token Hijacker Malware Could Post On Your Wall, Create Events Inviting Your Friends

Social butterflies beware, there's a brand new strain of the Facebook Token Hijacker malware going around, and it preys on victims who want to score a pair of free UGG boots. What makes this malware "special" is that it's armed with improved obfuscation techniques to keep its dirty code hidden from anti-malware software.

Details of the malware were posted online by Mohammad Faghani, a security researcher and former Carleton University student. Though the malware is sophisticated in technique, it still requires user interaction to spread. It does that by posting a special offer of free UGG boots, whereby the user is asked to post his/her access token after logging into the application. The malware then hijacks the user's token and immediately begins posting on the victim's wall. It also attempts to create an event inviting all of the victim's friends.

This is a little different from a conventional phishing attack, in which a victim's login credentials are saved for future use. The challenge there is bypassing the Identity and Access Management Controls when signing in from a new location. This bit of malware, however, hijacks the actual access token and gets to work straight away.

As always, if an offer seems too good to be true, it probably is.
Via: Faghani.info
Comments
dorkstar one year ago

what?

Let me get this straight. Someone took the time to write a somewhat sophisticated software with the intent to put false ugg boot advertisements? I'm not seeing their gain here.

Dave_HH one year ago

No - They use your preferences to show you fake ads that ask you to click on them and authorize access to your FB account, like an app would, then they spread malware to all your friends and via your wall.
