Facebook “Un Named App” scare leads to malware

Excellent write up by Trendmicro on the ‘un named app’ discussion that is spreading on Facebook. If you search Google for this, you may be tricked into downloading Malware to your machine and get compromised.

Here is the article.

[…] Nothing to worry about here as far as your Facebook is concerned, this does not appear to be a genuine malicious app. In fact a thread on Yahoo answers appears to demonstrate in a reproducible fashion that “Un named App” is nothing more than your “Boxes” tab on your Facebook profile page.

Beware though, there is still real risk attached to this Chinese whisper. Criminals have picked up on the concern among Facebook users (or possibly they were responsible for starting the rumour?) and they have already started to poison Google search results.

Google search result:

Google search result

I queried Google for “facebook unnamed app” and the third result on the first page pointed to a malicious website set up for the purposes of distributing fake anti-virus software, this time called “Security Tool”. If you are unwary enough to click the link you will be presented with a dialogue box informing you that you have a huge number of infected files on your machine and prompting you to use Security Tool to clean them up. The software of course is no real security solution and is designed to fool the victim into parting with hard-earned cash.

Be careful what you surf for.

Social Security Numbers Deduced From Public Data (available on e.g. Facebook)

Interesting article on Wired. Researchers are able to predict correct Social Security Numbers based on minimal information, like date of birth and birth town they mined from social network sites.

Excerpt:

After developing an algorithm […], the researchers tested their results using information on birthday and hometown taken from a social networking site […] . Again, they were able to predict Social Security numbers with a high degree of accuracy.

Again, this confirms my recommendation to NEVER use personal information on public social network sites like Facebook etc. Don’t put your real birth date, birth town etc. on there, it is bound to be used for things much less harmless than birthday reminders.

Full Wired article at:

http://www.wired.com/wiredscience/2009/07/predictingssn/