Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    August 2015
    S M T W T F S
    « Jul    
  • Email Subscription

  • About Us

    Facebook users, take heed: Some secrets are best left undisclosed, no matter how juicy and intriguing. Those who have encountered the application within Facebook called “Secret Crush” are bound to get a surprise because the said app actually loads adware/spyware that can spread in their friendly virtual neighborhood. With close to 60 million users and still growing, the popular social networking site is once again the target of a malicious attack.

    Secret Crush was quickly branded a malicious widget by the security researchers who discovered it, seeing as how it poses as a legitimate application that promises to reveal someone’s admirer(s). In reality, it loads an adware/spyware associated with Zango, which historically has been linked to adware and spyware designed to gain access to certain games, DRM-protected videos, and software. In 2006, the FBI gave it a fine of US$3 million for allowing third parties to secretly install its adware.

    Secret Crush also tricks affected users into forwarding the application to their friends in Facebook, increasing the chances of the program being passed around. The best thing that can only happen when it is installed is that users come to realize that no list of their admirers will actually be revealed. But by then they would have already forwarded it to friends, who would have forwarded it to other friends, and so on. According to this post in‘s Threat Level blog, around 4% of total Facebook users have already added it, bringing the number of affected users to about a million.

    Facebook’s popularity is increasingly drawing the attention of malicious users who wish to leverage on the traffic generated through its millions of users. In one case, a certain porn company allegedly used automated scripts to mine data from more than 200,000 separate proprietary Facebook Web pages, as detailed in a December 2007 PCPro news report.

    Secret Crush may be just one of the early threats to test Facebook friendships. Those with Facebook accounts better pause before choosing to add it to their profiles and enjoining their contacts do the same, otherwise it can spoil the fun of social networking.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon

    Comments are closed.


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice