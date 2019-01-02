Aihik Sur By

Express News Service

HYDERABAD: An Avast research has spotted and treated a spamming campaign targeting Facebook users. The social networking site has removed all links of innocuous-looking cartoon posts that redirect to a malicious website and get shared on users’ timelines without any prompts.

The unusually high number of shares caught the attention of Facebook’s team which took down the links suspecting cyber threat.“The images were linked to malicious pages hosted on Amazon’s web-based storage service, S3. Once users clicked on one of the shared images, they were redirected to a website and presented with a pop-up that asked them to confirm if they were over the age of 16 years,” the study said.

Researchers have concluded that a bug in Facebook’s API is responsible for allowing the malicious pages to create Facebook URLS that appeared on users’ timelines. However, it is unclear how harmful the spam is. “The malicious pages did not appear to be collecting personal information, such as Facebook login credentials. Browser extensions that separate Facebook from other websites prevents that from happening,” it said.

It is important to note that the text in the cartoons was in French, but users from non-French-speaking countries too got alerts. Meanwhile, Facebook has reportedly taken note of the threat and fixed the bug in its API.

“Before the link was removed, there was little that Facebook users could do to prevent the link from spreading as it appeared to be using a bug in the Facebook API. The good news is that the link was rather benign. However, it would have been the perfect candidate to spread a phishing campaign,” the study said.

All bad links removed

