Facebook Alert: There Is No Such Thing As 'Color Change' App; Scammy App Affects Thousands
By Sam Lehman | Aug 09, 2014 02:42 AM EDT
Facebook has been targeted by a malicious app dubbed "Facebook Color Change" that redirects users to a malicious phishing site.
Facebook, the world's largest social networking service, is always on hackers' radars. A new app called "Facebook color change" has been tricking users into accessing a malicious phishing website with an offer of changing the color theme of user profile..
The scam was first discovered by Chinese internet company Cheetah Mobile, Thursday. According to the report, the link that offers color changing themes for Facebook profile appears to take users to apps.facebook.com/themsandcolors but actually redirects to a malicious phishing website.
"Cheetah Mobile researchers have found this issue to be happening due to a vulnerability that lives in Facebook's app page itself, allowing hackers to implant viruses and malicious code into Facebook-based applications [which] directs users to phishing sites," the company wrote in an official blog post.
More than 10,000 Facebook users have succumbed to the scam. The users are exploited by being asked to watch a demo video or an offer of downloading of its application to enable it to steal information of friends too.
If the user watches the video, the website steals the Facebook login details, which can help gain unauthorized access. On PC, the scam app prompts users to download a pornography video player and on Android phones it warns users about an infection and to download the suggested app. Cheetah Mobile alerts users to be aware of such false attempts.
Affected users can locate and delete the app from the PC and the Android smartphone to prevent further damage. Cheetah Mobile advises users to change the password for the Facebook account and remove the color changer app from the profile by going into the settings.
Earlier this week, Russian hackers reportedly gained access to 1.2 billion internet logins. Hacks on official Twitter accounts of various agencies and government organizations have created a buzz around the internet. Most recently, Kenyan Military Twitter accounts were hacked by Anonymous and offensive messages were posted on the feeds. Various news publications have also been targeted by the hackers on Twitter.
A study last month revealed that 7.3 million New Yorkers were exposed to data breaches in 2013.