151.im: Yet another Facebook malware-worm-virus-bug-phishing attack
This article was originally on a blog post platform and may be missing photos, graphics or links. See About archive blog posts.
The Facebook bugs just keep on swarming. If the combination of my Facebook inbox and Twitter chatter is any indication, there’s yet another bug (or whatever you want to call it) floating around on the social networking site. It’s not recent nasty bug Koobface, it’s not mygener.im and, as far as I can tell, it’s not even Boface.BJ. This time the link, which in my case came in messages titled ‘Hello,’ leads to sites with names like 151.im and 121.im.
When you navigate to those addresses (and it seems people are, despite the very odd names), you will find a near-exact replica of the Facebook login page. You are, of course, prompted for your login and password. And once you give those, you, sir, have been hooked by the phishermen.
Facebook did not immediately respond to a request for comment.
The site has long been known for its resistance to spam: Users can only send messages to one another, so outside solicitations are kept out.
But now that a new bug seems to infiltrate Facebook every week or two, the nuisance level of using the site’s messaging system has increased considerably. A reasonable question would be: Is the company doing anything to nip these viral spambugs in the bud before they spread?
Update: 11:31 a.m.: Facebook has responded: ‘This is a phishing attack. We’re well aware of it and are already blocking links to these new phishing sites from being shared on Facebook. We’re also cleaning up phony messages and Wall posts and resetting the passwords of affected users. We think this is related to the fbaction.net/fbstarter.com campaign of a couple weeks ago. You can read more about how we respond to phishing in our recent blog post here: http://blog.facebook.com/blog.php?post=81474932130.’
-- David Sarno