SocialMe on Facebook, exploited with Trojan Virus and Scare Ware –
SocialMe is a small app. on Facebook that lets users see other users SocailMe profile, pics and tag them as they please. The more tags and comments you receive, the more your virtual score increases. It lets people get attention and socialize in a virtual way, which is good.
The bad part – the application is exploited. I discovered this sometime at the beginning of 09, while I was browsing through SocailMe profiles, Firefox blanked out and asked to close the browser as it had detected an intrusion. After that incident, smelling something fishy on SocialMe/ Facebook, I decided to replicate the problem. For security, I installed McAfee Enterprize edition with firewall on my system and went back to browsing on SocialMe. And to focus on my target, I just had Facebook with SocaiMe open. And I used a brand new Windows installed system that had been patched and shielded with latest updates and detection rules.
Surely enough, after an hour of so of browsing on SocialMe, Firefox detected an intrusion and asked me to close, while McAfee displayed a message saying that it had detected and deleted an infection. A Trojan Virus. I left Firefox window open, and McAfee continued to detect and delete the same Virus over and over again.
Report the incident to Facebook help – I reported the incident to SocialMe development team and also in Facebook feedback under help section. I did not hear from SocialMe at all, but Facebook did reply back to me saying that I had to contact the developer of the application as Facebook did not support any third party applications. In other words, Facebook washed their hands off from policing any rogue application that is using their site as a launch pad to spread malicious software? Weird for a big guy like Facebook to shrug the responsibility off from their shoulders, when they have ample resources to stop their site from being exploited and abused. Of course it is not them, but it is someone that is using their site as a launch pad to spread malicious software. If a hacker exploits my site and uses it for malicious intent, it becomes my moral and professional responsibility to clean up and NOT allow that application in again. But I am sure, they have a clause somewhere in the agreement which says that they are not responsible for any damage caused by other third party applications on Facebook. Easy, so now Facebook does not have to police these application that are launched from their site.
Third Attack – After few months of not using SocialMe, I went back to using it again, hoping that they might have fixed the issue. NO, I was so wrong. This time my laptop got infected even though McAfee claimed that it had deleted the Trojan Virus and had cleaned the infection. However, it was a little too tale. This version of the Virus had already become resident to my system and was now replicating itself in any thumb drive that I inserted in my system. My system crashed trying to rid itself of the virus, and I had to reinstall Windows, and format all my drives.
Solution – STOP using SocailMe. Since Facebook is going to leave you in the wet and not take any action against SocailMe, you got to take your own cover. Even if you subscribe to LifeLock or another identity theft protection company, I’d still avoid using SocialMe. I make this suggestion because Trojan Viruses can do more than just help thieves steal your identity; they can also get into your computer and really mess things up for you. Moral: stay away from SocialMe!
It makes my wonder how many such “third party” rouge applications are exploiting good sites like Facebook, Orkut and MySpace? The industry got to change their attitude towards these third party applications, else they will continue to take shelter under these big trees, and keep spreading their nasty poison.