The Facebook application called 'I will NEVER text again' has attracted nearly 300,000 Facebook fans which could be used as a launching platform for spreading spam messages containing malware links. 'I will NEVER text again' was created to trick computer users into clicking on an offered video through application links. When a user clicks on a link that advertises the application, the program will then ask for permission to access their basic Facebook information and finally create a post on their wall shown in Figure 1 below. Once a user grants permission to the app, the program will post a link on the users' Wall and goes out in the person’s news feed which is seldom read by other friends on Facebook.
Figure 1. Screen Shot of Facebook 'I will NEVER text again' app posting links on user's profile Wall. Credit: Sophos.com
No one is immune to spam messages. Even we have witnessed clever spam messages sent to our own support staff who forward emails to their own Gmail account. Facebook being the largest social network with almost 500 million users worldwide is a prime target for spammers and cyber crooks. In the past, we have seen first-hand how a Facebook application could be used to spread malware. The spammers may have found a new way to spread malware by spamming users through what was found to be a suspicious Facebook application.
For now, the 'I will NEVER text again' Facebook application has not performed any malicious actions other than acting suspicious by offering a video that does not work and spreading links onto other Facebook profiles. Because the app is able to post links on Facebook Walls, it could easily be used to spam users with malicious links.
One of the first to discover this suspicious Facebook application and its questionable actions is Sophos' senior technology consultant Graham Cluley. "It could be used for advertising, for spam or could be used to spread malware as well," Cluley said. "At the moment they are trying to recruit users into the network." Cluley reported the app as suspicious on Monday but has yet to be pulled by Facebook. We expect it to be only a matter of time before this application is pulled.
The publisher of the suspicious 'I will NEVER text again' Facebook app was found to be listed as 'Anne Klein' with no Facebook profile photo. The publishers profile page basically looks bogus if you were to compare it to any other legitimate application publisher's page.
In situations like this, when a security researcher discovers a suspicious Facebook application that could potentially be used to spam other users or spread malware, it is very helpful when the app in question is reported to Facebook. Even though Facebook has had more than their fair share of security issues and privacy concerns in the past, we can all do our part in keeping the social network safe for everyone by notifying Facebook of any suspicious behavior.
Have you ever noticed a Facebook application performing suspicious activity? If so, report it to Facebook.