RealTime IT News

Malware Authors Exploit Facebook App

Is it marketing or is it malware?

That's the question facing Facebook users who are confronting the threat of a second targeted attack less than two weeks after last being hit by a virus.

Users and security experts are now wondering whether an official-looking message making the rounds through the social networking site is a new way for malware authors to reach Facebook users, or a bizarre case of hackers taking advantage of an ill-conceived marketing stunt.

The alarm centers on an official-looking notification, titled "Error Check System" or "Error Checking System" that warns users -- falsely -- that friends have had problems viewing their profile. It also urges recipients to click on an "Activate" button in the message to correct the errors, which thereby downloads a Facebook app and asks users to select friends whose profiles they would also like checked.

Doing so sends the notification to those friends, yet there doesn't seem to be any malware built into the message. That's led some observers to wonder whether the "Error Checking" application is some poorly executed attempt at promoting a new product or service.

However, it's not wholly without danger. If curious users do a Web search on the term "Facebook Error Check System," they're likely to run into a number of Web pages that claim to offer an explanation, but which instead download malware onto their PCs.

Facebook is working to respond to the threat, but even it's not clear on what's going on.

"We have disabled several versions of the Error Check System application and are working aggressively to make sure these annoying apps stay off Facebook," a spokesperson at the social networking site told InternetNews.com in an e-mail. "It has also come to our attention that a Google search for this application leads to a Web page, which initiates a fake antivirus scan and attempts to install malware."

"We've reached out to Google about this search result, and in the meantime, urge users not to click on search links related to this application," the spokesperson said, adding that Facebook's policy is to take action against nuisance or dangerous applications, including steps like disabling them.

Still, the problem remains -- and could spell more trouble for the social networking site, industry watchers said.

"This could be a huge issue for Facebook," Nick O'Neill, who runs the Facebook-watching site All Facebook, told InternetNews.com. "You could get millions of people clicking on and installing this application."

It's also the latest attack designed to target Facebook users. The site was last hit earlier this month when hackers hijacked a 1.5 million-strong Facebook group "5,000,000 against the new version of Facebook".

Page 2: A coordinated attack? Or something odder?