Security experts are warning Facebook users about a shady file-sharing application called ChatSend that has been linked to spammy e-mail and wall posts from the accounts of Facebook users who download it.
According to a report by GFI Labs, questionable messages that link to ChatSend’s Facebook page began appearing on Facebook users’ Walls in recent days. The ChatSend page now boasts some 134,000 “likes,” suggesting that the program has been making the rounds on the world’s largest social network.
Though ChatSend isn’t believed to be malicious, GFI Labs reports that the application is definitely walking the line between legitimate and fraudulent practices.
In addition to the Facebook wall post and messaging blasts, which are not approved by the user, ChatSend comes bundled, by default, with browser toolbars for Chrome, Firefox, and Internet Explorer that will set Web search as the default search engine, and set a predefined URL as the homepage.
After installation, pop-up Windows inform users that the installation failed. But GFI Labs notes that this isn’t the case the installation has not failed.
The company’s end user license agreement (EULA) should, but does not, contain directions on how to uninstall the application. Instead, ChatSend recently posted the uninstall instructions in the FAQ tab on their Facebook page. Facebook is now blocking links related to the ChatSend domain, according to GFI Labs.
Anonymous on
Dear Brian,
I have read your article about the chat send app and would like to update that we had a bug that was fixed.
we enabled a module in our system that writes in the chat after a file download is completed a message that allows the receiving side to download the app as well, we found out there was a bug in that system that caused it to send the message to all the users chat friends.
This is now fixed and will not happen again.
we also made a change to the EULA and added a section that explains how to uninstall the app.
please let us know if you think we should change/add anything else.