Hundreds of thousands of Facebook users have fallen for a social-engineering trick which allowed a clickjacking worm to spread quickly over Facebook this holiday weekend.
The attack takes advantage of the Facebook "Like" plugin. Links such as the following appear in your News Feed because one of your friends has "Liked" them:
"This man takes a picture of himself EVERYDAY for 8 YEARS!!"
"LOL This girl gets OWNED after a POLICE OFFICER reads her STATUS MESSAGE."
"The Prom Dress That Got This Girl Suspended From School."
"This Girl Has An Interesting Way Of Eating A Banana, Check It Out!"
If you have already clicked on one of these links, or on something similar to the ones mentioned above, please remove the link by doing the following:
Find "Recent Activity" in your News Feed.
Delete any entries related to these links.
Go to your Profile.
Click on the Info tab.
Click "Add Likes and Interests" > "Show All".
In the window that pops up:
Click "Remove Page" for each of those bad links.
Finally, click "Close" and "Save Changes".
More info here: http://www.sophos.com/blogs/gc/g/2010/05/31/viral-clickjacking-like-worm-hits-facebook-users/