Facebook App Installs Spyware

John Musser, January 7th, 2008

Anyone who has installed the third party Facebook application “Secret Crush” is at risk of installing spyware according to this report from security firm Fortinet. Apparently the app entices users by saying “one of your friends my have a crush on you” and then once installed it attempts to download the infamous spyware Zango. The malicious widget authors get rewarded with as much as over $1 USD upon each successful installation, according to Zango’s affiliate program rates (note that as of January 4, the widget changed its name from “Secret Crush” to “My Admirer” and as of today WebWare reports that Facebook has disabled the application completely).

secret crush

Fortinet reports that over 1 million Facebook users may have been infected due to the aggressive way the application encourages invites to 5 or more friends. Effectively that point where viral marketing meets virus software:

This practically makes the widget a Social Worm. Unlike many social worms, the “Secret Crush” propagation strategy does not rely on phishing or any sort of user-space customization feature abuse (see our primer on social worms ). Rather, it relies on pure social engineering which is based on simple manipulation strategies such as “escalation of commitment”. Since users have freely chosen to install the widget at the cost of disclosing their personal information, psychologically speaking it is difficult for them to stop the process at that point. Therefore, most of them will invite at least 5 friends to complete the process. Even after that step, no crush of any sort is revealed

secret crush alert

This is not the first time that mashups and widget security has been the topic of discussion as you can see some of our earlier reports including Mashups as Hacker’s Dream and Banned Books and the Big Brother Mashup.

It’s likely we’ll see more and more variations of mashups and widgets being used for phishing, spyware and other scams this year. The allure of access to such large user bases and the proliferation of open platforms are going to give security experts a whole new speciality.

Both comments and pings are currently closed.

17 Responses to “Facebook App Installs Spyware”

January 7th, 2008
at 9:43 am
Comment by: Late breaking news at Computer Repair Ontario

[...] Facebook App Installs <b>Spyware</b> [...]

January 7th, 2008
at 11:48 am
Comment by: Kasi-Blog » Blog Archive » Facebook Application apparently installs spyware

[...] See Report by Fortinet and blog post by Programmable Web. [...]

January 7th, 2008
at 12:11 pm
Comment by: Social Networking | Duct Tape and Circuits

[...] side of third party applications is things that pop up like I found in this article this morning: Facebook App Installs Spyware, which is based on this report by Fortinet.  Not saying all applications do or even the [...]

January 7th, 2008
at 5:53 pm
Comment by: Rainbow

A worm might have a crush on me? That´s disgusting

January 8th, 2008
at 1:21 am
Comment by: Steven Hatch’s Blog :: links for 2008-01-08

[...] Facebook App Installs Spyware “Anyone who has installed the third party Facebook application “Secret Crush” is at risk of installing spyware according to this report from security firm Fortinet.” (tags: facebook applications spyware Security) Book Mark it-> del.icio.us | Reddit | Slashdot | Digg | Facebook | Technorati | Google | StumbleUpon | Window Live | Tailrank | Furl | Netscape | Yahoo | BlinkList [...]

January 8th, 2008
at 7:15 am
Comment by: Late breaking news on Computer Repair Edmonton

[...] Facebook App Installs <b>Spyware</b> [...]

January 9th, 2008
at 5:12 pm
Comment by: French Press and Facebook Mashup Hoax

[...] not a serious like the recent Secret Crush spyware app but shows how opening up a platform brings with it all sorts of possibilities for manipulation. We [...]

January 10th, 2008
at 6:47 am
Comment by: Facebook nu som svindler-paradis : Vad NU!

[...] første historie handler om applikationen ‘Secret Crush’, der nu viser sig at kunne bruges til at sprede spyware-pro…. Ifølge Programable Web får udviklerne af applikationen lige omkring en dollar for hver gang, det [...]

January 12th, 2008
at 2:23 am
Comment by: Kevin Curry

John,

Thought you might be interested in this:

http://thebutterroom.com/2008/01/05/facebook-apps-and-privacy-or-no-i-do-not-want-to-have-a-beer/

Kevin Curry
Bridgeborn

January 12th, 2008
at 2:50 am
Comment by: John Musser

@Kevin, good summary. I think you’re right that we’ll start to see not only issues with platforms having lots of our data, but the third party apps as well.

January 12th, 2008
at 7:19 pm
Comment by: Facebook重整用户Profiles | paikia.com

[...] 最近的Facebook Apps传播Secret Crush spyware新闻。我觉得Facebook像是是一个marketing或spamming工具,因为如果你没有设定关闭邮件通知,你的邮箱时不时会接受邮件通知说朋友的活动更新,不管是大是小的。尤其朋友圈越来越大,什么无聊的游戏poke来poke去。 [...]

January 15th, 2008
at 1:12 am
Comment by: Hasbro Versus Scrabulous

[...] a Facebook application is the subject of controversy (the other two being the Facebook Hoax and the Facebook Spyware). This time around the news comes via Fortune’s Josh Quittner who reports that Hasbro, the [...]

June 1st, 2008
at 7:26 am
Comment by: DC

I dont use any 3rd party software from facebook, but soon as i log in my CPU usage goes through the roof & doing anything becomes difficult.

September 15th, 2010
at 9:59 am
Comment by: jansen chan

a need a spy i need to now who viewing me

September 15th, 2010
at 10:00 am
Comment by: jansen chan

i want facebook spy i want to now who’s viewing me

March 11th, 2011
at 8:12 am
Comment by: barbara

I have pop up messages from secret crush on my FB page. Can you tell me how to stop this??

November 6th, 2012
at 11:31 am
Comment by: chickcomedy.com

Hurrah, that’s what I was searching for, what a data! present here at this website, thanks admin of this site.

Follow the PW team on Twitter

ProgrammableWeb
APIs, mashups and code. Because the world's your programmable oyster.

John Musser
Founder, ProgrammableWeb

Adam DuVander
Executive Editor, ProgrammableWeb. Author, Map Scripting 101. Lover, APIs.