The First Reported Facebook Worm/Malware Pops Up – Secret Crush

Use Netsparker


So facebook has finally fallen victim, after the recent Orkut worm now we have malware infection from Facebook, an application called Secret Crush. The application was renamed as My Admirer but that seems to be gone now too.

The first spyware spreading with Facebook application has been discovered. Security company Fortinet reports that application called Secret Crush is installing Zango (aka AdWare.Win32.180Solution) with Iframe, technically from ZangoCash.com.

It seems like Social Networks are a big target for infections now as the sheer mass of users there means that if the bad guys get a good piece of self-propagating code mixed up with a dose of social engineering they will achieve a massive infection.

The text included to the request entry is “One of Your Friends Might Have a Crush on You!”. Additionally, the buttons are ‘Find Out Who!’ and typical ‘Ignore’. It appears that Secret Crush is not included to Facebook Application Directory (no log-in needed) any more. Reportedly FortiGuard Team has informed Facebook guys and probably the application has been disabled already.

Although the application has been disabled (Good work Facebook) it shows what can happen, and it will happen again that’s a guarantee. This is just the beginning.

Source: Securiteam

Posted in: Malware, Privacy, Web Hacking

, , , ,


Latest Posts:


snallygaster - Scan For Secret Files On HTTP Servers snallygaster – Scan For Secret Files On HTTP Servers
snallygaster is a Python-based tool that can help you to scan for secret files on HTTP servers, files that are accessible that shouldn't be public and can pose a s
Portspoof - Spoof All Ports Open & Emulate Valid Services Portspoof – Spoof All Ports Open & Emulate Valid Services
The primary goal of the Portspoof program is to enhance your system security through a set of new camouflage techniques which spoof all ports open and also emulate valid services on every port.
Cambridge Analytica Facebook Data Scandal Cambridge Analytica Facebook Data Scandal
One of the biggest stories of the year so far has been the scandal surrounding Cambridge Analytica that came out after a Channel 4 expose that demonstrated the depths they are willing to go to profile voters, manipulate elections and much more.
GetAltName - Discover Sub-Domains From SSL Certificates GetAltName – Discover Sub-Domains From SSL Certificates
GetAltName it's a little script to discover sub-domains that can extract Subject Alt Names for SSL Certificates directly from HTTPS websites which can provide you with DNS names or virtual servers.
Memcrashed - Memcached DDoS Exploit Tool Memcrashed – Memcached DDoS Exploit Tool
Memcrashed is a Memcached DDoS exploit tool written in Python that allows you to send forged UDP packets to a list of Memcached servers obtained from Shodan.
QualysGuard - Vulnerability Management Tool QualysGuard – Vulnerability Management Tool
QualysGuard is a web-based vulnerability management tool provided by Qualys, Inc, which was the first company to deliver vulnerability management services as a SaaS-based web-service.


6 Responses to The First Reported Facebook Worm/Malware Pops Up – Secret Crush

  1. Nobody_Holme January 15, 2008 at 1:07 pm #

    The applications system on facebook is a playground. I’ve seen at least 5 that throw badly written code at you when you use them… All of it seems to walk straight into firefox and die, but who knows. scrolling down to the bottom of the page and working up hitting every ignore button you come to (the real one will always be below anything the application generates) works quite well. Meh. social networking is a stupid idea… *wonders why he even uses it*

  2. Sir Henry January 15, 2008 at 2:36 pm #

    I have never understood the draw of facebook (or myspace, for that matter). But, it would seem that both places would be rife with opportunity to infect the users of each. Admittedly, I do use LinkedIn and wonder what types of opportunities are available there. I tend to only get emails for connections, but wonder if someone has been able to work in phishing attempts that would lead to the enumeration of data. Given, there is not much that they could get, but would still be worth investigating.

  3. Darknet January 15, 2008 at 5:33 pm #

    Well I never understood the point of Myspace, it’s all too chaotic and well for lack of a better word – pointless. It doesn’t really map out any relationships or give good ways to find lost friends. I was waiting for something that could replace Friends Reunited as that was never updated, Friendster wasn’t it…thankfully Facebook was. I’ve found people all the way back to Primary School and close friends I’ve lost touch with through moving country that I’ve been able to get back in contact with. I really like Facebook, the way it’s set up, the privacy system and the extendable application API. It’s everything a social network should be for me.

  4. goodpeople January 15, 2008 at 10:03 pm #

    Personally I don’t use sites like facebook, myspace, linkedin, or whatever. I can understand that people use it, but for me it’s just a big waste of time.

    There is one thing funny tho that we all should realize. This online social networking thing works exactly opposite of how it should work if it were in the real world. In the real world you can hide in the safety of a big crowd. Online is different. The bigger the audience, the greater the target.

    There is a lesson to be learned here….

  5. Pantagruel January 15, 2008 at 10:46 pm #

    With the rise of the social networks we will most likely see an increase in malware specifically targeting these kind of sites. Moving about it’s very good on maintaining close contact with friends and social network sites fill exactly that need.
    The phishing opportunities of these communities are superb. Quite some users are freely giving details about themselves/their live style/faimly members/etc making it easy for others to find them and for abusers to get enough info to borrow their identity.
    Again all depends on education and I wonder if facebook ad alikes put a strong emphasis on educating their users about the abuse possibilities they themselves provide.

  6. eM3rC February 7, 2008 at 5:34 am #

    First google, now facebook… I would be willing to bet that eventually there will be one of these viruses that will spread from these social networks to peoples computers allowing a both rapid and wide spread outbreak.

    I agree with the above users about facebook, myspace etc being fairly useless, but I must confess that I use it to keep in touch with my overseas friends.