MetaChat - Facebook Virus/Spamming app

MetaChat is an informal place for MeFites to touch base and post, discuss and chatter about topics that may not belong on MetaFilter. Questions? Check the FAQ. Please note: This is important.

13 February 2009

Facebook Virus/Spamming app If you get a notification that you have been tagged in a PICTURE (instead of a photo), do not click the link!→[More:] If you DID click, go to applications and remove the picture app. It auto-adds itself to your applications.

Very VERY crafty.

I've spent the past ten minutes notifying everyone who "tagged" me. Hopefully someone from tech will wake up and remove the malicious app.

post by: CitrusFreak12 at: 01:22 | 4 comments

I'm hoping this thing didn't do anything harmful and is instead a copycat of the "don't click this" Twitter link fiasco.

posted by CitrusFreak12 13 February | 01:31

What insane security model allows this? Srsly.

posted by stilicho 13 February | 01:43

stilicho, automatic authorization is undertaken when a user clicks on a link sent by an application. it allows app devs to get the users' id etc. so the application can be useful instead of forcing them to add it. An application authorized this way can indeed send notifications. I think it's more a case of behavior run amok because someone's exploiting a loophole then necessarily something that needs to be blocked, because that would cause a lot of well behaving apps to get caught up in the collateral damage. Maybe notifications should be limited to other users of the application though. Facebook makes a distinction between authorized and added applications--if it does indeed ADD itself to your profile then yes it's just a bug.

posted by Firas 13 February | 04:01

That's annoying. If it's exploiting FB Dev security, be sure to report it.

posted by loiseau 13 February | 08:38

← Shepard Fairey may go to court over Obama Hope pic. || unfuckingbelievable guitar playing by a 17-year-old french kid [youtube] →

HOME || REGISTER || LOGIN