An example of likejacking (Facebook clickjacking)

Is Facebook clickjacking a security risk for you ?

  • Yes

    Votes: 1 25.0%
  • No

    Votes: 3 75.0%

  • Total voters
    4

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 24, 2011
9,379
Zscaler said:
Last year, we released Zscaler Likejacking Prevention, a free browser extension to protect users from clickjacking leveraging Facebook widgets. Since then, I've seen many websites using Likejacking as their "business model" (i.e. this is how they get traffic to their spam site).

Usually, these spam websites try to get the user to click on a specific area of the page where they have hidden one or more 'Like' buttons. Recently, we found a website where the hidden Facebook 'Like' button follows the mouse throughout the page. No matter where you click, you hit the Like button.


The technique to hide the button, has however been seen previously. There are hidden DIV elements with the opacity set to 0.0.1, which makes them transparent, although they are in the foreground. The position is set to absolute so that it can move anywhere on the page.

Here is a video that explains how it works:



Read more ...
 
Last edited:

DiabloBlack

New Member
Nov 5, 2011
193
Wow, never seen anything like this before. Interesting plugin he developed to combat this problem.
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Good explanation, seems a new to me on that vector of likejacking. So with this plugin it will be easy for us to know if the site is using these techniques.
 

MrXidus

Super Moderator (Leave of absence)
Apr 17, 2011
2,503
Wonderful add-on, Even tho I don't use Facebook, I did add this to my family's laptops and changed the setting.

ljYuR.jpg


Thanks for the share.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top