Facebook malware, explained
Follow-up to this post:
berecyntia deciphered it (thank you!), and here is what she says:
OK. Basically, this is a simple little bit of javascript that's been obfuscated by running it through a nice little utility called Packer. You can get the original code back by replacing the "eval()" by "document.write()" and running the code. You'll get a nice big string of hex that you can run through a javascript beautifier and get nicely formatted javascript.
When you do that, you get a little thing that uses Facebook's SocialGraphManager utility to select all your friends, suggest this app to them, and select the "like" button for you.
So fairly harmless as far as viruses go. Not too malicious, just annoying.
Interesting. Sounds like maybe someone was trying it as a proof-of-concept exercise, perhaps with the intention of doing something nastier with the same technique later if it worked. Or, possibly, they were doing it deliberately to expose a security flaw in Facebook, in which case the "Worst thing I have ever read" title might have been meant ironically. No way of knowing, I suppose...
But the bottom line is: do not follow a bunch of instructions from some anonymous source telling you to do weird things with your browser, unless you actually know what the hell it's for and are prepared to stop if it tells you to do something potentially dangerous, like, say, paste a huge chunk of obfuscated Javascript into your browser's address bar and then execute it. FFS, people!
Methinks I shall drop a message to the friend who "recommended" this to me (i.e., followed it all the way through so that it recommended itself).
berecyntia deciphered it (thank you!), and here is what she says:
OK. Basically, this is a simple little bit of javascript that's been obfuscated by running it through a nice little utility called Packer. You can get the original code back by replacing the "eval()" by "document.write()" and running the code. You'll get a nice big string of hex that you can run through a javascript beautifier and get nicely formatted javascript.
When you do that, you get a little thing that uses Facebook's SocialGraphManager utility to select all your friends, suggest this app to them, and select the "like" button for you.
So fairly harmless as far as viruses go. Not too malicious, just annoying.
Interesting. Sounds like maybe someone was trying it as a proof-of-concept exercise, perhaps with the intention of doing something nastier with the same technique later if it worked. Or, possibly, they were doing it deliberately to expose a security flaw in Facebook, in which case the "Worst thing I have ever read" title might have been meant ironically. No way of knowing, I suppose...
But the bottom line is: do not follow a bunch of instructions from some anonymous source telling you to do weird things with your browser, unless you actually know what the hell it's for and are prepared to stop if it tells you to do something potentially dangerous, like, say, paste a huge chunk of obfuscated Javascript into your browser's address bar and then execute it. FFS, people!
Methinks I shall drop a message to the friend who "recommended" this to me (i.e., followed it all the way through so that it recommended itself).