Home Non-IT contents only Blog Posts Beware of Friendster phishing malicious code !
Beware of Friendster phishing malicious code ! PDF Print E-mail
Written by Kar Hoe   
Sunday, 02 September 2007 20:02
I realized most of my friends, their profile will have a large image covering their entire website, however that image is not loaded, so you will see a small x on the corner left top, but you can see the content of the profile behind the unloaded image.

When you attempt to click on any part of the friendster profile, for instance the picture, or send comment, you are actually clicking on the unloaded image which is not loaded, but linked to a phishing website (phishing refers to fishing out your information such as bank info by creating a similar website and fool you to enter the website and login)

When you click on the unloaded image and enter the website, you will see "Error trying to validate user" and it will ask you to reenter your password, I believe that if you got tricked and enter your password, the bot will login to your profile and add the malicious code as well. So guys, please becareful, PM those fella who got that malicious code on their website, remove the malicious code, and change their password

One guy who kena is this guy
http://profiles.friendster.com/11515353
see how the malicious code looks like
<div style="
position:absolute;left:1px;top:1px;width:1000;z-index:9;height:2000;filter:alpha(opacity:0);
-moz-opacity:0.5">
<a href="http://alotavagina.com/friendster/">
<img src="http://lalala.com/lala.gif" border="0" height="100%" width="100%">
</a><p> <br />
So thats the code they injected, let me explain the code

<img src="http://lalala.com/lala.gif" border="0" height="100%" width="100%">

This sentence means that they load a non existence image, so you will see a small x which you wont notice, and the image is made to span across the page 100 % height and width

style="position:absolute;left:1px;top:1px;width:1000;z-index:9;height:2000;filter:alpha(opacity:0);
-moz-opacity:0.5"

this CSS style moves the image on the absolute corner, so you wont notice the small x
Please spread the news, to remove it, simply login to your Friendster, and remove it under "About me", and then change your password
I have posted this up on Lowyat.NET Forum

So far, I noticed Cai Jin, Han Yik and Geraldine profile are those which are infected, and there are many more I believe, so spread the word !
Add this page to your favorite Social Bookmarking websites
Digg! Del.icio.us! Google! Live! Facebook! Slashdot! Technorati! Twitter!
 
Related news items:
Comments (0)
Write comment
Your Contact Details:
Comment:
[b] [i] [u] [url] [quote] [code] [img]   
:D:angry::angry-red::evil::idea::love::x:no-comments::ooo::pirate::?::(
:sleep::););)):0
Security
Please input the anti-spam code that you can read in the image.
< Prev   Next >
Last Updated on Tuesday, 22 September 2009 15:27
  		 

Advertisements


eXTReMe Tracker

Who's Online

We have 16 guests online
Your IP - 38.107.191.108
Total hits - Hit Counter

Random Images