Monday, May 31, 2010

Inside Facebook "Like" Spam

Update 6-1-10:  Looks like Download Squad caught the story now too.  They're calling it "likejacking." Cute. According to them, security experts have confirmed that this is simply an annoyance, and there appears to be no real security threat at this time.
----------

Be careful what you "Like" on Facebook - there's a new exploit someone out there has discovered, and it seems like people are falling for it in droves!

A couple hours ago, I was taking a look at my Facebook news feed, when I noticed some of the usual silliness:

[So-and-so] likes "LOL This girl gets OWNED after a POLICE OFFICER reads her STATUS MESSAGE."

Eh, seemed like it could be funny, and I was bored.  So I clicked on it.  This brought me to an external website, with an empty white page with black text reading "Click here to continue".


Hovering over the text didn't show any destination URL in the address bar.  Naturally, I was suspicious, but since Macs are immune to most viruses, I clicked to see what would happen.

Nothing happened.  Or so it seemed, until my brother informed me that I now liked this page...

At this point, I felt a little silly, but also curious as to what was going on here...  how had the site made me Like something without clicking on a Facebook "Like" button?  And who was running these things anyway?

Well, I did some digging...

From the HTML of the "Continue" pages, it was fairly clear how the trick was working.  The words were just plain text - not even a link.  However, the pages also contained an HTML "IFRAME" which was used to embed the on-Facebook page that is used to confirm a "Like".  This page element was rendered invisible, and positioned underneath the page's text.  Any clicks on the words would pass through them, and into the actual "yes, I want to like this" button on Facebook.  Clever.
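The trick depends on the embedded page allowing itself to be shown inside another site's IFRAME. As an added example (not part of the original post), this JavaScript sketch checks a response's `X-Frame-Options` and CSP `frame-ancestors` headers to decide whether a given embedding origin could frame it; the function names and origins are constructed, and it models a single embedding page rather than a full ancestor chain.

```javascript
// Added example, not from the original post. Header names are real;
// function names and origins are constructed for illustration.

// Source list of the frame-ancestors directive, or null if absent.
function frameAncestors(csp) {
  for (const part of (csp || '').split(';')) {
    const [name, ...sources] = part.trim().split(/\s+/);
    if (name.toLowerCase() === 'frame-ancestors') return sources;
  }
  return null;
}

// Simplified source matching: 'none', 'self', *, scheme:, exact hosts and
// *.host wildcards. Ports and paths in sources are not handled.
function sourceAllows(source, embedder, self) {
  const s = source.toLowerCase();
  const e = new URL(embedder);
  const own = new URL(self);
  if (s === "'none'") return false;
  if (s === "'self'") return e.origin === own.origin;
  if (s === '*') return true;
  if (/^[a-z][a-z0-9+.-]*:$/.test(s)) return e.protocol === s;
  const m = s.match(/^(?:([a-z][a-z0-9+.-]*):\/\/)?(\*\.)?([^/:]+)$/);
  if (!m) return false; // unsupported form: treat as not matching
  if (e.protocol !== (m[1] ? m[1] + ':' : own.protocol)) return false;
  return m[2] ? e.hostname.endsWith('.' + m[3]) : e.hostname === m[3];
}

// Can a page at `embedder` show the response served from `self` in an iframe?
function canBeFramedBy(headers, embedder, self) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = v;
  const sources = frameAncestors(h['content-security-policy']);
  if (sources !== null) { // frame-ancestors takes precedence over X-Frame-Options
    return sources.some((s) => sourceAllows(s, embedder, self));
  }
  const xfo = (h['x-frame-options'] || '').trim().toUpperCase();
  if (xfo === 'DENY') return false;
  if (xfo === 'SAMEORIGIN') return new URL(embedder).origin === new URL(self).origin;
  return true; // no recognised policy: any page may frame the response
}
```

A response that returns `true` for an unrelated origin can be overlaid the way the "Continue" pages did; `DENY` or `frame-ancestors 'none'` on the confirmation page closes that path.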

The particular bit of spam I fell for was hosted on a Blogspot blog, but there were quite a few other popular ones, such as The Prom Dress That Got This Girl Suspended From School!  That one was hosted on thedatesafe.com/promdress.  When I went to the top-level, I found folders for several other similarly-set-up scams...  as well as a running tally page, at thedatesafe.com/stats.htm

Whoever runs this server has since locked it down, so you can't see these pages anymore.  But I was sure to take screenshots...


Cute.  This particular shot was taken around 11:50 pm on Sunday May 30th.  The one with over 130,000 "likers" is the prom dress one.  Six minutes later, the number had grown by another 6,000.  Facebook admins finally got wise and started blocking the page shortly after midnight.

I found similar scams spread across a number of domains:
  • Several Blogspot blogs, including girlownedbypolicelike.blogspot.com
  • thedatesafe.com - probably the main site, since that's where the stats page was located.  WHOIS information (a public registry of who owns what websites) was anonymized on this one.
  • mprosperstats.info - this one did have valid WHOIS info, but I won't post it here, since it's unclear whether the owner of this site is involved, or just an innocent victim who had their website taken over by spammers.  It would hardly be the first time.

I suppose it's possible that these are separate spammers, unrelated except in the method they use.  But I think they're all connected.  Facebook recently gained a feature that lets you "hover" the mouse over a link on the site to get some brief info on it - for example, if you hover over someone's name, you get their picture, and a list of some friends you have in common.

Hovering over these spam links also gives some info, including a picture... the same picture, across pretty much every one I have seen...


So uh.... anyone know this face?

Sunday, May 16, 2010

ConFICK!

The Enemy Within - Magazine - The Atlantic

Utterly fascinating (albeit long...) article on the history of the infamous "Conficker" worm. I had never realized just how sophisticated - and let's be honest, clever - it was/is.

Spoiler:  The worm is still out there, lying dormant in a massive botnet estimated at over 6.5 million computers in size.  And security researchers aren't entirely sure they can ever truly eradicate or contain it...

Thursday, May 13, 2010

Portal for Free! (Until May 24)

Steam is now finally available on Mac OS X, and clearly I'll post my impressions on it here in due time.  However, Valve did something else pretty exciting, coinciding with the Mac release...



Portal is an amazing game, and this is the perfect time to check it out if you haven't gotten a chance to yet. This also serves as a great bit of advertising for the upcoming Portal 2, due out late this year.

As a side note - love the trailer too.  Like the earlier teaser for Portal itself, the stylized, graphic animation perfectly captures the game's wicked sense of humor.

Wednesday, May 12, 2010

My iPhone Goes For a Swim


Ok, so this happened several weeks ago, but I wanted to see how things actually played out before writing this post.

I was getting ready to do some laundry while carrying on a conversation with my mother.  Start the water, soap goes in, shirts, pants - pretty automatic.  I finished the conversation, finished loading, and went upstairs.  I made it as far as my second-floor bedroom.

"Oh FUCK!"

I think you can see where this is going...  I essentially flew down the stairs, continuing the stream of expletives, whipped open the cover of the washing machine, and fished the expensive trinket out of the pocket of my jeans.

Now, for those of you without extensive experience with the havoc created by computerized electronics and moisture, I'll recap:  There's something of a "standard procedure" for giving your prized device a fighting chance in this situation:

  1. DO NOT TURN IT ON! No, seriously. Don't check if it works. Turn it off if it's already on.  Electricity can't short circuit if it isn't flowing.
  2. Take out the battery!  Again, can't have a short circuit if you don't have any power.
  3. Open the thing up as much as you can.  If possible, and you are skilled enough, partially take it apart.  Dry it out thoroughly before doing anything else.  The common suggestion for cell phones is a bed of dry rice, left in the sun for a day or two.
  4. Clean the insides if you can.  Once the moisture is gone, corrosion from minerals left behind is your biggest worry.  Be meticulous, but gentle.  A cotton swab with rubbing alcohol works well.
  5. Pray.

Back to my situation, I had a soaked-through iPhone 3GS in my hands.  It had only been underwater for maybe 60 seconds, but that's more than enough time for the water to work its way through.  It wasn't fully "off" - just in its usual "suspend" mode, but I didn't want to risk waking it up to properly turn it off.  And with a sealed-in battery, (grrrr...) I couldn't remove power quickly.

As my fellow geeks would probably expect, my immediate instinct was to rush to my computer, fumble around for my set of Very Small Screwdrivers (what, you don't have one?) and head straight to iFixit.com's tear-down instructions for the iPhone 3G/3GS.  (I eventually had to look at several of their other guides for more detailed instructions on certain parts, but seriously, I can't plug iFixit enough!)  Thankfully, I happened to have the required suction cup sitting around, so I was able to frantically open the phone.  Once the major pieces were disassembled, I put them in their rice-y rehab center.


To help with the drying process, I augmented the powers of Uncle Ben with one of the 150-watt lamps I use for my video work...

I also put some saran-wrap over the dish that held the rice and iPhone parts.  This would create a bit of a "greenhouse effect," increasing the drying heat inside.  I also hoped it would let me see the progress of the drying, as the evaporating water condensed on the inside of the plastic. And condense it did...



I let it sit there for about 12 hours, changing the plastic whenever it got noticeably wet. Ideally, you should give a phone as much time as you possibly can, since you really want it to be bone dry.  Of course, like anyone, I was impatient.  Luckily, I was comfortable enough with tiny devices like phones, PDAs and laptops, that I was o.k. with taking the iPhone apart almost completely.  That really helps the drying process, but your mileage may vary if you're less experienced with this sort of thing.

In any case, once I finally sat down that night to clean and re-assemble the thing, I didn't know what to expect. Most everything inside looked ok, except for one slightly scorched-looking area on the main logic board (See picture to the right).  I still haven't found solid confirmation on what this is online, but at this point my assumption is that it's a surface-mounted Wi-Fi antenna.

Well, the water sensors were also all tripped, but well... y'know.

After a good cleaning, I nervously reassembled the phone, not sure of what was going to happen. After popping the case back together and twirling home the final two screws, I held the power button, and waited...



Not too bad, all things considered. There was a very noticeable light blotchiness across the screen (as well as some faint diagonal lines that don't come out well in photos), but I had read reports of that elsewhere online. Consensus was that it's trapped residual moisture between the LCD and the glass, and that it dissipates over time. The real annoying bit was the Wi-Fi - it wasn't unreliable, it didn't have trouble locating networks - it simply wasn't there.  Wouldn't even read as a function the phone had.  AT&T's 3G network is pretty fast, but it's still not Wi-Fi fast, and the cellular connection also puts a much higher drain on the battery.

The next day, the Wi-Fi was still M.I.A., but the blotchiness had definitely improved.


It continued to get better as the week wore on.  By two weeks, both the blotches and the diagonal streaks were gone.  The phone looked almost good-as-new, except it couldn't do Wi-Fi.  My dad called it my "iPod un-Touch".  I resigned myself to this being my situation for the foreseeable future. Liquid damage instantly voids the iPhone warranty (standard practice for cell phones) and Apple would charge me $200 to replace it out-of-warranty. Not a bad deal, all things considered, but I don't have a whole lot of discretionary income at the moment, so not something I can take advantage of.  Besides, other than the Wi-Fi, the phone works.  Quite well.  So that's that.

But hold on just a second...

Fast-forward to last week. I had periodically been doing a full shutoff-reboot of the phone, just to see if that would do anything. Some websites had reported seeing lost wireless functionality return after doing this, but it never did anything for me.

Except, this time, it did!

So now my formerly-aquatic iPhone even has WiFi back. Well... kind of.  The range is really limited, and kind of unpredictable (making me more confident the "scorched" part was, in fact, the antenna). But hey, if I'm sitting 5 feet from the router, it stays pretty reliable!  ;-)

So there you have it. A testament to Apple's engineering team... or my ineptitude. Take your pick.