So facebook has finally fallen victim, after the recent Orkut worm now we have malware infection from Facebook, an application called Secret Crush. The application was renamed as My Admirer but that seems to be gone now too.
The first spyware spreading with Facebook application has been discovered. Security company Fortinet reports that application called Secret Crush is installing Zango (aka AdWare.Win32.180Solution) with Iframe, technically from ZangoCash.com.
It seems like Social Networks are a big target for infections now as the sheer mass of users there means that if the bad guys get a good piece of self-propagating code mixed up with a dose of social engineering they will achieve a massive infection.
The text included to the request entry is “One of Your Friends Might Have a Crush on You!”. Additionally, the buttons are ‘Find Out Who!’ and typical ‘Ignore’. It appears that Secret Crush is not included to Facebook Application Directory (no log-in needed) any more. Reportedly FortiGuard Team has informed Facebook guys and probably the application has been disabled already.
Although the application has been disabled (Good work Facebook) it shows what can happen, and it will happen again that’s a guarantee. This is just the beginning.