Preliminary analysis of Facebook clickjacking (aprilfoolsprank)
If you have already fallen victim to this, change your password and unlike the page as soon as possible.
What appears: the app displays a video and, as soon as the user tries to play it, she/he is logged out.
What this app does
- Likes the link http://cotyperfume.info/aprilprank/ [as of this writing ~60,000 users have liked this link]
- Logs the user out of Facebook.
- Displays a phishing page [screenshot here] which sends the user’s email address and password to http://184.108.40.206/log.php
EDIT 1: app info page (with name of developer) is here
EDIT 3: The code actually verifies that the entered username and password are correct and shows this YouTube video; otherwise, an error message is shown prompting the user to re-enter the login and password. [This one is a cool trick, isn't it?]
EDIT 4: The app was “liked” by at least 120,000 users before being removed by Facebook.