"Clickjacking" worm infects Facebook

Security expert, Graham Cluley, discovers social-engineering trick that has attacked hundreds of thousands on Facebook.

Lifeless losers that we are, living in a constant state of paranoia, we have nothing to do but to trawl the web for threats real and perceived.

Well, we found a doozy today. Sophos security expert, Graham Cluley, has put up a blog post today about a clickjacking worm spreading rapidly across Facebook this weekend. It all starts with that damn “liked” link to a bunch of spam messages. If you click on the link you get sent to a blank page with the message “Click here to continue.”

If you click you get the same thing on your Facebook page, similar to the Fbhole worm. Graham suggests:

“Sophos detects the offending web pages as being infected by Troj/Iframe-ET.

If you believe you may have been hit by this attack, view the recent activity on your news feed and delete entries related to the above links. Furthermore, you should view your profile, click on your Info tab and remove any of the pages from your “Likes and interests” section.”

You might also want to friend the Sophos guys on Facebook.