Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
Cross-browser worm spreads via Facebook, security experts warn
From Computer World:
Malware writers use Crossrider browser extension development framework to build Facebook worm
IDG News Service - Malware writers have used Crossrider, a cross-browser extension development framework, to build a click-fraud worm that spreads on Facebook, security researchers from antivirus firm Kaspersky Lab said on Monday.
Crossrider is a legitimate Javascript framework that implements a unified API (application programming interface) for building Mozilla Firefox, Google Chrome and Internet Explorer extensions.
The API allows developers to write code that will run inside different browsers and, by extension, on different OSes. The framework is still in beta testing and its creators plan on adding support for Safari soon.
<SNIP>
In order to spread, the malware leverages its control over infected browsers to piggyback on active Facebook sessions and send spam messages on behalf of authenticated Facebook users.
The links included in LilyJade's Facebook spam messages direct users to compromised websites that load the Nuclear Pack exploit kit into a hidden iframe, Golovanov said.
IDG News Service - Malware writers have used Crossrider, a cross-browser extension development framework, to build a click-fraud worm that spreads on Facebook, security researchers from antivirus firm Kaspersky Lab said on Monday.
Crossrider is a legitimate Javascript framework that implements a unified API (application programming interface) for building Mozilla Firefox, Google Chrome and Internet Explorer extensions.
The API allows developers to write code that will run inside different browsers and, by extension, on different OSes. The framework is still in beta testing and its creators plan on adding support for Safari soon.
<SNIP>
In order to spread, the malware leverages its control over infected browsers to piggyback on active Facebook sessions and send spam messages on behalf of authenticated Facebook users.
The links included in LilyJade's Facebook spam messages direct users to compromised websites that load the Nuclear Pack exploit kit into a hidden iframe, Golovanov said.
6 replies
= new reply since forum marked as read
= new reply since forum marked as read
If you get any weird messages from your Facebook friends, don't click on the links. 
