TeMerc Posted January 3, 2008

2008.January.02 Fortinet Global Security Research Team discovered a malicious Facebook Widget (officially, a "Platform Application") actively spreading on the social networking site which ultimately prompts users to install the infamous "Zango" adware/spyware.

The malicious widget, called "Secret Crush", first appears as a Facebook request 'secret crush'. In opening the request, the recipient is informed that one of his/her friends has invited him/her to find out more information by using "Secret Crush". Clicking the "Find Out Who!" button leads to the standard third-party application install page essentially stating that the referred application will be granted access to user's details upon installation.

FortiGuard Center
Source: Sunbelt

Guitar Man Posted January 3, 2008

After MySpace, it's Facebook that is being targeted with this trash... How to prey on the innocent and ignorant at one place! I'm tempted to say that it serves you right to expose your life as an open book for all to see. There. I said it! If you know anyone that uses Facebook, and you care about them enough, forward this ASAP.

TeMerc Posted January 4, 2008

Zango's in your Face(book)

The Zangonistas are at it again, this time deftly disguising their "software" as a Facebook Widget. Fortinet, who discovered the issue, discusses the "Secret Crush" widget at length, so no need to repeat their extensive effort. Instead, I'd like to offer a bit of analysis, then invoke a debate.

Detailed analysis @ HolisticInfoSec.org

TeMerc Posted January 4, 2008

Rebuttal by Zango below and FYI this Zango post:

Zango Advisory: As of this posting, the Zango security team has observed that the Secret Crush widget on Facebook is now called the “My Admirer” widget.

So if it's so innocent why the name change??

TeMerc Posted January 7, 2008

Facebook dumps Secret Crush application over spyware claim
Posted by Caroline McCarthy, January 7, 2008

Good riddance: Facebook has banned the "Secret Crush" application due to its affiliation with a notorious spyware manufacturer.

The social-networking site confirmed the breakup on Monday: "Facebook is committed to user safety and security and, to that end, its Terms of Service for developers explicitly state that applications should not use adware and spyware," a statement from the company read. "We have contacted the developers and have disabled the Secret Crush application for violating Facebook Platform Terms of Service."

CNET

TeMerc Posted January 7, 2008

PG weighs in on the whole Facebook\Zango thing and oddly enough, or rightly so, is almost on Zango's side. Ya you read that right.

Like everyone else, I went "ooooh" when I first heard about this. For those who don't know, an application on Facebook - when you installed it - "installed Zango spyware" (according to the numerous writeups), meaning the Zango Adware was the final destination, the main reason, for making this application in the first place.

However, Zango came out swinging with their latest blog post and also claimed they have no affiliation with the makers of the Secret Crush application, which seems a little odd considering the maker of the application would have no direct incentive to install their Adware if they didn't have an account with them.

They also posted up a screenshot that seems to show the application merely showing randomly selected adverts - not just an advert for Zango.

More @ Vital Security