Thursday, May 19, 2011

Clickjack Viruses and You

If you're here, it's probably because you ran into a 'clickjack' virus on Facebook, which 'liked' some page for you, without you knowing it.

This happens because virus authors have found a way to exploit a flaw in web browsers, which they can use to tell Facebook that you liked something, when you really didn't. 

First, you should know that viruses are not created by nature. They don't evolve. They're created by virus programmers, who usually do it for kicks. Sometimes, they do it for money, or to sell ad space. Think of it as free advertising for them. 

You see, when you 'like' something, that tells your friends about it. It's word of mouth advertising, which is frankly the best kind of advertising.

A clickjack virus is one that fakes a 'click' somewhere that you didn't actually click, usually on a 'like' button. It's not Facebook's fault; as far as they know, you really did click on the 'like' button.

In the last year, clickjack viruses have been rewritten hundreds of times, and they're becoming increasingly advanced. Today, we have clickjack viruses that use a JavaScript trick to simulate a click 'for you', just by going to a web page. Isn't that nice of them? 

If you saw this picture and video on your friend's Facebook wall, and you clicked on it to see what it was, you'd be taken to a page with a video on it. It might have some additional stuff on it, like a Facebook-looking page with links to polls of some sort. It probably looked like this...

In the second or two it takes that page to load, Facebook has been told you 'like' about three different pages. And yeah, it told all your friends about it. 

If you do get one of these, at least for now, your personal data has not been snaked. It's just faking a click to get a free 'like'. To prevent your friends from falling for this, though, you should remove the links to all of this as quickly as possible. To do that, click on the Profile tab in Facebook, then look for any 'likes' that you didn't click. Look for any suspicious videos you didn't post a link to. Then move the mouse over them, and you'll see a tiny 'x' to the right. Click that, and remove it by either clicking the Remove option, or the 'Report as Spam' option. Both will get rid of it.
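The cleanup above comes down to spotting likes you didn't make, and the giveaway is timing: about three likes landing within a second or two. As an added example (not part of the original post), this sketch flags such bursts in a list of activity records; the record format and the sample data are constructed for illustration and are not a real Facebook export.

```python
from datetime import datetime, timedelta

# Constructed sample records: (timestamp, action, target).
# Hypothetical format for illustration, not a real Facebook export.
SAMPLE_ACTIVITY = [
    ("2011-05-19T09:02:11", "like", "Local Bakery"),
    ("2011-05-19T14:30:05", "like", "Page A"),
    ("2011-05-19T14:30:05", "like", "Page B"),
    ("2011-05-19T14:30:06", "like", "Page C"),
    ("2011-05-19T14:30:06", "post", "Video link"),
    ("2011-05-19T20:15:40", "like", "Friend's photo"),
]


def find_like_bursts(records, window_seconds=2, min_likes=3):
    """Return groups of like targets where at least `min_likes` likes
    happened within `window_seconds` of the first like in the group."""
    likes = sorted(
        (datetime.fromisoformat(ts), target)
        for ts, action, target in records
        if action == "like"
    )
    window = timedelta(seconds=window_seconds)
    bursts = []
    i = 0
    while i < len(likes):
        # Extend the group while the next like is still inside the window.
        j = i
        while j + 1 < len(likes) and likes[j + 1][0] - likes[i][0] <= window:
            j += 1
        if j - i + 1 >= min_likes:
            bursts.append([target for _, target in likes[i:j + 1]])
            i = j + 1  # skip past the burst so it is reported once
        else:
            i += 1
    return bursts


if __name__ == "__main__":
    for burst in find_like_bursts(SAMPLE_ACTIVITY):
        print("Likes to review and remove:", ", ".join(burst))
```

Nobody clicks three 'like' buttons on three different pages in two seconds, so anything this flags is worth checking by hand on your profile.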

Anti-virus software does not protect you here, since the virus is not a traditional computer virus. And using a Mac won't protect you. It's more like a clever webpage than a 'real' virus.

The only real prevention at this time, unfortunately, is to just not click on these links to begin with. So think before you click. If your friend is a college professor, and they post a link to "OMG LOOK @ WUT THIS GIRL N HER DOG DIDD!!?!", there's probably a clickjack virus waiting for you on the other side of that click. 

And don't be embarrassed by falling for it. If you fell for it, that means the other person fell for it first!

Also, the video they link to usually doesn't exist. Sorry about that. 
