The First Reported Facebook Worm/Malware Pops Up – Secret Crush

The New Acunetix V12 Engine


So facebook has finally fallen victim, after the recent Orkut worm now we have malware infection from Facebook, an application called Secret Crush. The application was renamed as My Admirer but that seems to be gone now too.

The first spyware spreading with Facebook application has been discovered. Security company Fortinet reports that application called Secret Crush is installing Zango (aka AdWare.Win32.180Solution) with Iframe, technically from ZangoCash.com.

It seems like Social Networks are a big target for infections now as the sheer mass of users there means that if the bad guys get a good piece of self-propagating code mixed up with a dose of social engineering they will achieve a massive infection.

The text included to the request entry is “One of Your Friends Might Have a Crush on You!”. Additionally, the buttons are ‘Find Out Who!’ and typical ‘Ignore’. It appears that Secret Crush is not included to Facebook Application Directory (no log-in needed) any more. Reportedly FortiGuard Team has informed Facebook guys and probably the application has been disabled already.

Although the application has been disabled (Good work Facebook) it shows what can happen, and it will happen again that’s a guarantee. This is just the beginning.

Source: Securiteam

Posted in: Malware, Privacy, Web Hacking

, , , ,


Latest Posts:


Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.
testssl.sh - Test SSL Security Including Ciphers, Protocols & Detect Flaws testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
testssl.sh is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.


6 Responses to The First Reported Facebook Worm/Malware Pops Up – Secret Crush

  1. Nobody_Holme January 15, 2008 at 1:07 pm #

    The applications system on facebook is a playground. I’ve seen at least 5 that throw badly written code at you when you use them… All of it seems to walk straight into firefox and die, but who knows. scrolling down to the bottom of the page and working up hitting every ignore button you come to (the real one will always be below anything the application generates) works quite well. Meh. social networking is a stupid idea… *wonders why he even uses it*

  2. Sir Henry January 15, 2008 at 2:36 pm #

    I have never understood the draw of facebook (or myspace, for that matter). But, it would seem that both places would be rife with opportunity to infect the users of each. Admittedly, I do use LinkedIn and wonder what types of opportunities are available there. I tend to only get emails for connections, but wonder if someone has been able to work in phishing attempts that would lead to the enumeration of data. Given, there is not much that they could get, but would still be worth investigating.

  3. Darknet January 15, 2008 at 5:33 pm #

    Well I never understood the point of Myspace, it’s all too chaotic and well for lack of a better word – pointless. It doesn’t really map out any relationships or give good ways to find lost friends. I was waiting for something that could replace Friends Reunited as that was never updated, Friendster wasn’t it…thankfully Facebook was. I’ve found people all the way back to Primary School and close friends I’ve lost touch with through moving country that I’ve been able to get back in contact with. I really like Facebook, the way it’s set up, the privacy system and the extendable application API. It’s everything a social network should be for me.

  4. goodpeople January 15, 2008 at 10:03 pm #

    Personally I don’t use sites like facebook, myspace, linkedin, or whatever. I can understand that people use it, but for me it’s just a big waste of time.

    There is one thing funny tho that we all should realize. This online social networking thing works exactly opposite of how it should work if it were in the real world. In the real world you can hide in the safety of a big crowd. Online is different. The bigger the audience, the greater the target.

    There is a lesson to be learned here….

  5. Pantagruel January 15, 2008 at 10:46 pm #

    With the rise of the social networks we will most likely see an increase in malware specifically targeting these kind of sites. Moving about it’s very good on maintaining close contact with friends and social network sites fill exactly that need.
    The phishing opportunities of these communities are superb. Quite some users are freely giving details about themselves/their live style/faimly members/etc making it easy for others to find them and for abusers to get enough info to borrow their identity.
    Again all depends on education and I wonder if facebook ad alikes put a strong emphasis on educating their users about the abuse possibilities they themselves provide.

  6. eM3rC February 7, 2008 at 5:34 am #

    First google, now facebook… I would be willing to bet that eventually there will be one of these viruses that will spread from these social networks to peoples computers allowing a both rapid and wide spread outbreak.

    I agree with the above users about facebook, myspace etc being fairly useless, but I must confess that I use it to keep in touch with my overseas friends.