Facebook app pages serving up Javascript and acai berry spam

Want to loose weight quickly? It appears Facebook is now serving up some acai berry spam
Want to loose weight quickly? It appears Facebook is now serving up some acai berry spam

Reporting on this nasty turn of events, Christopher Boyd, a security researcher with Sunbelt Software says that the first Facebook app spam is the result of hackings subverting Javascript on the social networking system.

These, he says, can now spam acai berry diet pages onto Facebook users' profile walls. Simply visiting these pages while logged in, he adds, is enough to post spam, with most of the pages involved promising a viewable video.

In his analysis of the fraudster's code, Boyd says that, if you try to navigate away from the app page, a message will pop up claiming you are about to "corrupt the Flash install".

Delving into the Javascript code reveals that the app spam generates a messaging saying: "I am living proof that this works", referring to a weight loss product and pointing at a fake news story.

Spam messages are then also sent out in both wall postings and Facebook chat that says: "Hey, What the hell are you doing in this video? Is this dancing or what?? Bahahah."

According to Boyd, there appears to be one main domain for this, franebook.com, which is currently serving up 404 errors, and many of the related application pages also appear to have been taken down by Facebook.

The Sunbelt security researcher notes that apps(dot)facebook(dot)com/bergamoleyra/ and apps(dot)facebook(dot)com/hellenismkpmga/ are both returning "page not found" messages, although there seems to be a number of app pages still live and redirecting to the acai berry spam sites.

"As always, be careful what you're clicking on in Facebook – random messages promising junk will usually give you just that, and perhaps a little more besides", he said in his latest security blog.

What’s Hot on Infosecurity Magazine?