Eleven new infected Facebook apps sprang up in the past week

Aug 22, 2009 08:30 GMT

As we reported, Facebook was recently hit by numerous malware-infected apps. Since then, this week's total has risen to eleven new applications altered by third parties to illicitly acquire login information. Facebook managed to shut down six of them, but not long after those apps had been taken down, five more were put up in their place. These were disabled as well, within a couple of hours, by website admins.

Rik Ferguson, the first to report them, has been documenting their transformation on his blog at CounterMeasures. As he said, “My research has turned up [...] further Facebook applications which this time have quite clearly been designed for malicious activity and can be clearly linked to the fucabook phishing.”

Clearly, these applications have been put in place to acquire login credentials for Facebook users. Recently, Facebook became the most used social network in the United States, finally topping MySpace. This success has attracted more and more hackers to the website, who try to acquire login credentials that they can use to send spam to a user's friends.

For them, more login credentials mean more contacts in their databases, which automatically translates into more spam and more money. Hence their persistence in hitting Facebook as much as they can.

All eleven of the recent rogue apps tend to follow the same pattern: they send a simple notification informing the user that they have received a new comment on one of their posts and should check it out. When the user clicks on the link, a Facebook app window appears, prompting them to install the app on their account.

During the installation, a fake Facebook login screen appears, asking the user for their username and password to continue. The personal data is then acquired and stored for further use by the attacker.

Regarding these latest developments, a Facebook spokeswoman said that “[Facebook] will continue to ensure that all applications on Facebook Platform comply with Facebook policies.”