Shady ChatSend App Linked to Facebook Spamming Activity

Author: Brian Donohue
minute read

Security experts are warning Facebook users about a shady file-sharing application called ChatSend that has been linked to spammy e-mail and wall posts from the accounts of Facebook users who download it.

ChatsendSecurity experts are warning Facebook users about a shady file-sharing application called ChatSend that has been linked to spammy e-mail and wall posts from the accounts of Facebook users who download it.

According to a report by GFI Labs, questionable messages that link to ChatSend’s Facebook page began appearing on Facebook users’ Walls in recent days. The ChatSend page now boasts some 134,000 “likes,” suggesting that the program has been making the rounds on the world’s largest social network.

Though ChatSend isn’t believed to be malicious, GFI Labs reports that the application is definitely walking the line between legitimate and fraudulent practices.

In addition to the Facebook wall post and messaging blasts, which are not approved by the user, ChatSend comes bundled, by default, with browser toolbars for Chrome, Firefox, and Internet Explorer that will set Web search as the default search engine, and set a predefined URL as the homepage.

After installation, pop-up Windows inform users that the installation failed. But GFI Labs notes that this isn’t the case the installation has not failed.

The company’s end user license agreement (EULA) should, but does not, contain directions on how to uninstall the application. Instead, ChatSend recently posted the uninstall instructions in the FAQ tab on their Facebook page. Facebook is now blocking links related to the ChatSend domain, according to GFI Labs.

Suggested articles

Discussion

  • Anonymous on

    Dear Brian,

    I have read your article about the chat send app and would like to update that we had a bug that was fixed.


    we enabled a module in our system that writes in the chat after a file download is completed a message that allows the receiving side  to download the app as well, we found out there was a bug in that system that caused it to send the message to all the users chat friends.
    This is now fixed and will not happen again.

    we also made a change to the EULA and added a section that explains how to uninstall the app.

    please let us know if you think we should change/add anything else.

  • Anonymous on

    Hi Brian,

     

    I don't know how but I don't remember installing chatsend on my facebook. It's not even register on my facebook application and keeps sending message to all my friends. Please fix it as soon as possible my friends are already annoyed and I am considering to deactivate my fb account. thanks

  • Anonymous on

    Hi Brian,

    Sorry I'm really annoyed that I address to you incorrectly. should be address to -anonymous Tue, 11/01/2011 - 6:10pm. anonymous tues - 6:10 please help. thanks

  • Anonymous on

    Hi Chatsend,

    If you really send instruction on how to uninstall it, can you help provide the site/link where I can see the uninstall instruction. I'm trying to search since 3 hours ago still I can't find it. I found instruction to go to Account, application and website and delete the app. but the problem is it's not even in my application list! as I don't remember installing this chatsend app. Please help and send us the site/links instruction on how to unistall this app.

  • Anonymous on

    It appears, the issue have been resolved, few days ago, and the system is stable and running smoothly. please advise on any other issues if any.

     

  • Anonymous on

    if you want to remove the app:

    IE
    Control Panel -> add/remove progreams -> remove ChatSend

    FF

    Options->Addons ->remove

    Chrome:

    in the addres bar type chrome://extensions and uninstall.

     

     

  • Anonymous on

    Thank you.... this thing was pissing me off. Have you seen iminent search? seems to be the same type of deal. What's wrong with these companies?

  • Anonymous on

    I keep getting a notice on facebook that appears to be from a friend

    asking me to sign up for ChatSend. I have no wish to do that. But,

    after checking on my addresses on a sent message I notice that

    the following has been imbedded in my addresses of a message

    that I am sending out. The following is that imbedded junk. Is this

    associated with chatsend. I have been getting a pile of unwanted

    emails (stopped by my firewall as junk) that all appeared after

    I conversed with our friend in Jamaica.

    Here it is:

    =?utf-8?B?Q8OpbGluZSBHYWdub24=?=

    On checking I did a search for Gluz and it appears that this

    is a file sharing program. I never authorized any files sharing in my computer.

    HELP1111

  • Mrs Gurdeep Kohli on

    "Gurdeep installed ChatSend to send files using Facebook chat" pops up every now and then when I use Chat with my online friends.  Not only this they are automatically being received by my friends too.  Earlier I could "report it as spam" but now whenever this pops up and on my trying to report it spam, I am unable to do so.  Please help me remove so that no untoward activity is done through my account.  Thanks!!!

  • lindsey on

    how do i uninstall this chatsend? its really annoying, and i dont remember ever loading it? thanks so much

     

  • lindsey on

    how do i uninstall this chatsend? its really annoying, and i dont remember ever loading it? thanks so much

     

  • rb on

    please say how to remove chatsend from my facebook page

  • Anonymous on

    Firefox: Tools > Options > Extensions > Remove

     

  • Anonymous on

    i absolutely cannot remember to have installed chatsend! i trried to de-install it, but it continues to re-appear. i have absolutely no idea to get rid of it!

     

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.

Subscribe now

Topics

Show all

Authors

Threatpost

InfoSec Insider

Infosec Insider Post

Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.

Sponsored

Sponsored Content

Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.