May
19
2011

Facebook Dislike Button News Is a Code Pasting Scam

Facebook scammers are tricking users to paste rogue code into their browser’s address bars in order to get a Dislike button added to their options.

The spam messages posted by victims read “Facebook now has a dislike button! Click ‘Enable Dislike Button’ to turn on the new feature!”

The scammers are using a trick to replace the Share link that appears under the message with an “Enable Dislike Button” one.

Clicking on the link will share the spam message from the user’s account with all of their friends, but also run rogue code on their computers.

“As we’ve explained before, there is no official dislike button provided by Facebook and there isn’t ever likely to be. “But it remains something that many Facebook users would like, and so scammers have often used the offer of a ‘Dislike button’ as bait for the unwary,” warns Graham Cluley, senior technology consultant at Sophos.

A second scam using the Dislike button lure is spreading by encouraging users to paste rogue JavaScript code into their browser’s address bar.

This technique is low-tech and should raise a lot more suspicion, but even so, there are enough users falling for it.

May
19
2011

Majority of Android Devices Vulnerable to Session Hijacking Attacks

Security researchers have discovered a vulnerability in Google’s ClientLogin authentication protocol which allows potential attackers to execute session hijacking attacks against Android users.

The security hole was identified by researchers from the Institute of Media Informatics of the University of Ulm in Germany and builds on the findings of Rice University professor Dan Wallach.

In February, Mr. Wallach discovered that many Android applications sent data in clear form, a problem on unsecured wireless networks where attackers can freely sniff out traffic.

Categories

May 2011
M T W T F S S
« Apr   Jun »
 1
2345678
9101112131415
16171819202122
23242526272829
3031