• Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Home
  • About Darknet
  • Hacking Tools
  • Popular Posts
  • Darknet Archives
  • Contact Darknet
    • Advertise
    • Submit a Tool
Darknet – Hacking Tools, Hacker News & Cyber Security

Darknet - Hacking Tools, Hacker News & Cyber Security

Darknet is your best source for the latest hacking tools, hacker news, cyber security best practices, ethical hacking & pen-testing.

The First Reported Facebook Worm/Malware Pops Up – Secret Crush

January 15, 2008

Views: 12,941

[ad]

So facebook has finally fallen victim, after the recent Orkut worm now we have malware infection from Facebook, an application called Secret Crush. The application was renamed as My Admirer but that seems to be gone now too.

The first spyware spreading with Facebook application has been discovered. Security company Fortinet reports that application called Secret Crush is installing Zango (aka AdWare.Win32.180Solution) with Iframe, technically from ZangoCash.com.

It seems like Social Networks are a big target for infections now as the sheer mass of users there means that if the bad guys get a good piece of self-propagating code mixed up with a dose of social engineering they will achieve a massive infection.

The text included to the request entry is “One of Your Friends Might Have a Crush on You!”. Additionally, the buttons are ‘Find Out Who!’ and typical ‘Ignore’. It appears that Secret Crush is not included to Facebook Application Directory (no log-in needed) any more. Reportedly FortiGuard Team has informed Facebook guys and probably the application has been disabled already.

Although the application has been disabled (Good work Facebook) it shows what can happen, and it will happen again that’s a guarantee. This is just the beginning.

Source: Securiteam

Share14
Tweet
Share
Buffer
WhatsApp
Email
14 Shares

Filed Under: Malware, Privacy, Web Hacking Tagged With: facebook malware, facebook worm, hacking-facebook, hacking-websites, malware



Reader Interactions

Comments

  1. Nobody_Holme says

    January 15, 2008 at 1:07 pm

    The applications system on facebook is a playground. I’ve seen at least 5 that throw badly written code at you when you use them… All of it seems to walk straight into firefox and die, but who knows. scrolling down to the bottom of the page and working up hitting every ignore button you come to (the real one will always be below anything the application generates) works quite well. Meh. social networking is a stupid idea… *wonders why he even uses it*

  2. Sir Henry says

    January 15, 2008 at 2:36 pm

    I have never understood the draw of facebook (or myspace, for that matter). But, it would seem that both places would be rife with opportunity to infect the users of each. Admittedly, I do use LinkedIn and wonder what types of opportunities are available there. I tend to only get emails for connections, but wonder if someone has been able to work in phishing attempts that would lead to the enumeration of data. Given, there is not much that they could get, but would still be worth investigating.

  3. Darknet says

    January 15, 2008 at 5:33 pm

    Well I never understood the point of Myspace, it’s all too chaotic and well for lack of a better word – pointless. It doesn’t really map out any relationships or give good ways to find lost friends. I was waiting for something that could replace Friends Reunited as that was never updated, Friendster wasn’t it…thankfully Facebook was. I’ve found people all the way back to Primary School and close friends I’ve lost touch with through moving country that I’ve been able to get back in contact with. I really like Facebook, the way it’s set up, the privacy system and the extendable application API. It’s everything a social network should be for me.

  4. goodpeople says

    January 15, 2008 at 10:03 pm

    Personally I don’t use sites like facebook, myspace, linkedin, or whatever. I can understand that people use it, but for me it’s just a big waste of time.

    There is one thing funny tho that we all should realize. This online social networking thing works exactly opposite of how it should work if it were in the real world. In the real world you can hide in the safety of a big crowd. Online is different. The bigger the audience, the greater the target.

    There is a lesson to be learned here….

  5. Pantagruel says

    January 15, 2008 at 10:46 pm

    With the rise of the social networks we will most likely see an increase in malware specifically targeting these kind of sites. Moving about it’s very good on maintaining close contact with friends and social network sites fill exactly that need.
    The phishing opportunities of these communities are superb. Quite some users are freely giving details about themselves/their live style/faimly members/etc making it easy for others to find them and for abusers to get enough info to borrow their identity.
    Again all depends on education and I wonder if facebook ad alikes put a strong emphasis on educating their users about the abuse possibilities they themselves provide.

  6. eM3rC says

    February 7, 2008 at 5:34 am

    First google, now facebook… I would be willing to bet that eventually there will be one of these viruses that will spread from these social networks to peoples computers allowing a both rapid and wide spread outbreak.

    I agree with the above users about facebook, myspace etc being fairly useless, but I must confess that I use it to keep in touch with my overseas friends.

Primary Sidebar

Search Darknet

  • Email
  • Facebook
  • LinkedIn
  • RSS
  • Twitter

Advertise on Darknet

Latest Posts

AgentSmith HIDS - Host Based Intrusion Detection

AgentSmith HIDS – Host Based Intrusion Detection

padre - Padding Oracle Attack Tool

padre – Padding Oracle Attack Exploiter Tool

Privacy Implications of Web 3.0 and Darknets

Privacy Implications of Web 3.0 and Darknets

DataSurgeon - Extract Sensitive Information (PII) From Logs

DataSurgeon – Extract Sensitive Information (PII) From Logs

Pwnagotchi - Maximize Crackable WPA Material For Bettercap

Pwnagotchi – Maximize Crackable WPA Key Material For Bettercap

HardCIDR - Network CIDR and Range Discovery Tool

HardCIDR – Network CIDR and Range Discovery Tool

Topics

  • Advertorial (28)
  • Apple (46)
  • Countermeasures (225)
  • Cryptography (82)
  • Database Hacking (89)
  • Events/Cons (7)
  • Exploits/Vulnerabilities (430)
  • Forensics (64)
  • Hacker Culture (8)
  • Hacking News (228)
  • Hacking Tools (681)
  • Hardware Hacking (82)
  • Legal Issues (179)
  • Linux Hacking (72)
  • Malware (238)
  • Networking Hacking Tools (352)
  • Password Cracking Tools (104)
  • Phishing (41)
  • Privacy (218)
  • Secure Coding (118)
  • Security Software (233)
  • Site News (51)
    • Authors (6)
  • Social Engineering (37)
  • Spammers & Scammers (76)
  • Stupid E-mails (6)
  • Telecomms Hacking (6)
  • UNIX Hacking (6)
  • Virology (6)
  • Web Hacking (384)
  • Windows Hacking (169)
  • Wireless Hacking (45)

Security Blogs

  • Dancho Danchev
  • F-Secure Weblog
  • Google Online Security
  • Graham Cluley
  • Internet Storm Center
  • Krebs on Security
  • Schneier on Security
  • TaoSecurity
  • Troy Hunt

Security Links

  • Exploits Database
  • Linux Security
  • Register – Security
  • SANS
  • Sec Lists
  • US CERT

Footer

Most Viewed Posts

  • Brutus Password Cracker – Download brutus-aet2.zip AET2 (2,181,309)
  • Darknet – Hacking Tools, Hacker News & Cyber Security (2,172,343)
  • Top 15 Security Utilities & Download Hacking Tools (2,095,333)
  • 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) (1,198,671)
  • Password List Download Best Word List – Most Common Passwords (931,796)
  • wwwhack 1.9 – wwwhack19.zip Web Hacking Software Free Download (774,426)
  • Hack Tools/Exploits (672,580)
  • Wep0ff – Wireless WEP Key Cracker Tool (528,834)

Search

Recent Posts

  • AgentSmith HIDS – Host Based Intrusion Detection August 31, 2023
  • padre – Padding Oracle Attack Exploiter Tool May 28, 2023
  • Privacy Implications of Web 3.0 and Darknets March 31, 2023
  • DataSurgeon – Extract Sensitive Information (PII) From Logs March 21, 2023
  • Pwnagotchi – Maximize Crackable WPA Key Material For Bettercap February 12, 2023
  • HardCIDR – Network CIDR and Range Discovery Tool December 29, 2022

Tags

apple botnets computer-security darknet Database Hacking ddos dos exploits fuzzing google hacking-networks hacking-websites hacking-windows hacking tool Information-Security information gathering Legal Issues malware microsoft network-security Network Hacking Password Cracking pen-testing penetration-testing Phishing Privacy Python scammers Security Security Software spam spammers sql-injection trojan trojans virus viruses vulnerabilities web-application-security web-security windows windows-security Windows Hacking worms XSS

Copyright © 1999–2023 Darknet All Rights Reserved · Privacy Policy