Preliminary analysis of Facebook Clickjacking Attack "Chica Sexy"
Came across a few interesting posts like this on my wall today.
If you are looking for how to avoid or recover, read this one instead. In the past few weeks, a lot of Facebook users have received the following (or similar) messages posted by their friends: "Hi Friends see Face-book images rotate 360* see here » http://SHADYCLOUDS.TK/" and "Really cool Facebook revolving images. MUST SEE http://rotatingimage2.tk/". My observations and analysis follow.
So, this morning I received an email saying I had received an Orkut scrap from a friend with the contents “Bom Sabado”. Within a minute, I received the same scrap from another friend. Getting the feeling that this must be some sort of worm, I decided to open Orkut with Firebug logging enabled to see what was going on. It turns out that it’s a typical case of Cross-Site Scripting (XSS): the attacker can inject and execute their script from hxxp://tptools.org/worm.js, and the contents of the scrap are able to bypass Orkut sanitization.