The Register® — Biting the hand that feeds IT

Feeds

Phantom app risk used to bait scareware trap

Scareware scammers are staking advantage of rumours about an "unnamed app" that supposedly poses a security risk to Facebook users in order to trick users into sites slinging rogue security software packages. Searching on Google for the term "Facebook unnamed app" leads to numerous hacker-poisoned search engine results prepared …

This topic is closed for new posts.
Adam Salisbury
Stop

Not a rumour!

The un-named app is real, although what threat is presents I do not know, I got a typical hysterical email telling me to check for this app before the sky falls in and I grow too many ears and unusually for me, thought I'd check it out.

Lo and behold, an un-named app does appear in my application list, I've now removed it but not sure how lethal it may or may not be.

Anonymous Coward
Stop
Reply Icon

I found an un-named app as well...

...and deleted it. Also received a spam message from one of my trusted friends (who was unaware her computer was sending facebook messages) at about the same time I discovered the app. Coincidence?? Clearly something is amiss.

Anonymous Coward
Anonymous Coward
Reply Icon

OK, seems facebook has sorted this out.

http://edition.cnn.com/2010/TECH/01/27/facebook.bug/

David Harley

The app that dare not speak its name

Since I posted my ESET blog, I've one or two people have claimed that they've deleted unknown app and still have Boxes in their profile, so Boxes is probably not the only culprit.

Two points I'd make (and have made) in response: while Unnamed App may in some instances refer to something malicious, that doesn’t mean that “Unnamed App is a virus”. The second and more important point is that Googling for Unnamed App undoubtedly -will- turn up some malicious sites because of the SEO poisoning that's taken place, and that's something I -have- seen for myself.

VinceH
FAIL

Don't Panic!

It seems to me that most Facebook users just copy and paste the damned messages into their status without bothering to check if they're true - so no gain from the blackhat SEO work there.

This topic is closed for new posts.