New cheap toolkits give amateur
developers the ability to create their own viral Facebook applications, something that’s become a favorite activity of attackers in recent months.
One example of a malicious Facebook
application that could have easily been created using this toolkit is the ‘Facebook
Profile Creeper Tracker Pro’, according to a report by Websense. The application promises to inform users about
who has been viewing their profile most frequently. But after asking for some
permissions and showing some surveys, the application tells the user, perhaps
honestly, that no one views their profile more than they themselves do.
The toolkit that created this
particular application is a viral Facebook application template called “Tinie
App,” and certain variations of it are available for
less than $25. With this toolkit, one receives step-by-step, idiot-proof
instructions, and the capacity to begin spamming Facebook with misleading surveys
to their little heart’s content.
As always, the purpose of these
applications is to make money. The way
it works is through a cost per action program that Web content publishers
can join whereby they can receive payments, generally between twenty cents and
two dollars, for anyone taking a survey on their website, which in this case
happens to be Facebook.
Facebook template applications of this
nature represent a new phenomenon that shows how the culture of spamming is
evolving around social media sites like Facebook. Websense recommends their free
Defensio Facebook app, which can be downloaded at Defensio.com,
for anyone looking to protect themselves from malicious links and spam posted
to their walls.