Reports of another javascript-based spam scam doing the rounds in Facebook

Published: 2011-05-12
Last Updated: 2011-05-12 08:38:17 UTC
by Chris Mohan (Version: 1)
2 comment(s)

We have received reports of another JavaScript-based spam scam doing the rounds in Facebook.

This one involves a friend's profile posting a link to your wall.

Should you click on the link in the friend's post , the JavaScript code send spam to your Friends list and so the snowball spam effect grows.

TrendMirco's malware blog had a good write up of the attack method here:

Sounds like introducing friends and family to NoScript Firefox extension [1] would be one way to avoid a large number of phone calls of "Help!" over the next few days.

Thanks to reader Roseman and others for writing in with details.



Chris Mohan --- Internet Storm Center Handler on Duty

Keywords: Facebook
2 comment(s)


Sophos now has a write of the early part of this event (before it had mutated much):
The Sophos writeup says the javascript behind this is retrieved off an .info domain. What domain is it and has that domain been reported to

Diary Archives