Hackers have found a way to create automated Facebook pages and are using them to spread spyware to unsuspecting users, says antivirus and Internet security firm AVG Technologies.
In a blog entry posted last week, Research Chief Roger Thompson said that AVG's LinkScanner users had started detecting some "rogue spyware attacks" that were coming from Facebook pages. When AVG started looking at the pages, it noticed that the Facebook profiles featured pictures of the same woman and merely had different names to differentiate them. Each page had a link to a supposed video that would infect user computers with spyware if clicked.
Thompson says that there are likely untold numbers of such rogue Facebook profiles on the Web right now, meaning that the hackers have somehow found a way to bypass Facebook's CAPTCHA system that requires users to retype a series of letters to activate an account. Thompson said that while Facebook will certainly delete any rogue accounts it finds, the accounts "can't be an easy thing for them to find" and will thus be difficult to eliminate.
The Facebook spyware attack coincides with an FBI warning released today saying that cybercriminals are increasingly using social networking websites such as Facebook to launch attacks. Among the popular techniques used by hackers are hijacking a user's account and sending spam to their friends that leads to a phishing site; creating applications on the site that include malware or rougue antivirus software; and using malware to gain access to users' personal information on their profiles.
This story, "Spyware Sneaks Past Facebook Safeguard" was originally published by Network World.