Facebook Web site, pointing to another application. Instead of finding out their "secret crush," users will get treated to the Zango adware Web site.
"Once the request comes in, it's relying on human curiosity to leverage the attack," said Manky. "It's leveraging a trusted network, trusted friends. They'll be really good friends most of the time in real life."
"That's what makes it so effective," he added.
Manky said that while this particular Facebook widget appeared to be financially motivated, it so far has not been found to harm users' computers. However, this form of malware could be used to "point the Web site to malicious code and compromise the system."
"In this case it turned to Zango's Web site," said Manky. "With adware, everything is based off of revenue from affiliates."
Security professionals recommend that users keep updated antispyware and antivirus software as well as ensuring that all Web browsers and operating systems are installed with the latest patches. In addition, security researchers advise that users exercise caution when clicking on unsolicited links.
"It comes down to education, taking some time to read these terms of service and disclaimers, even if it seems it's coming from a trusted friend," said Manky.
Fortinet said that the company notified Facebook Wednesday about the adware. Facebook did not immediately respond to queries.
"Once the request comes in, it's relying on human curiosity to leverage the attack," said Manky. "It's leveraging a trusted network, trusted friends. They'll be really good friends most of the time in real life."
"That's what makes it so effective," he added.
Manky said that while this particular Facebook widget appeared to be financially motivated, it so far has not been found to harm users' computers. However, this form of malware could be used to "point the Web site to malicious code and compromise the system."
"In this case it turned to Zango's Web site," said Manky. "With adware, everything is based off of revenue from affiliates."
Security professionals recommend that users keep updated antispyware and antivirus software as well as ensuring that all Web browsers and operating systems are installed with the latest patches. In addition, security researchers advise that users exercise caution when clicking on unsolicited links.
"It comes down to education, taking some time to read these terms of service and disclaimers, even if it seems it's coming from a trusted friend," said Manky.
Fortinet said that the company notified Facebook Wednesday about the adware. Facebook did not immediately respond to queries.
No comments:
Post a Comment