Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
A new rogue application is spreading throughout Facebook, much to the chagrin of security experts.
Known as "Error Check System," the application appears to be harmless in its current form, but the methods it is using and the speed at which it is spreading is causing some concern over the possibility for a future malware attacks.
Users become infected with the rogue application by way of social engineering. A user is sent a message from an infected friend which claims that there are multiple "errors" on the user's Facebook page.
The message then directs the user to the application's download page where the user supposedly installs the Facebook application to correct the supposed " errors."
Upon infection, the page then attempts to send notifications to the infected user's friends and repeat the attack.
Though the application is currently not believed to be performing any additional malicious activity, security experts are warning that its infection method could easily be used to harvest user data for identity theft.
"This is an important reminder to all Facebook users that they must exercise caution about which third-party applications they install on their profile, and everyone should remember that Facebook does not approve applications before they are made available on their site," wrote Sophos senior technology consultant Graham Cluley.
"You really are putting your trust in complete strangers when you add that next application to your Facebook profile."
Cluley later noted that the attack is having a rather unpleasant side-effect as well. A flood of users searching for information on the attack have lead to a page on the subject which contains links to other malware attack sites being established as the top Google search return for the term "error check system."
"The worry is that in many people's rush to find out more about the suspicious application's behaviour on Facebook they may well run straight into a scareware author's trap," noted Cluley.
"Is it possible that the original Facebook application was actually a red herring, and the real dangerous payload came from people Googling for information?"
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.