An example of likejacking (Facebook clickjacking)

Is Facebook clickjacking a security risk for you ?

  • Yes

    Votes: 1 25.0%

  • No

    Votes: 3 75.0%
  • Total voters
    4
Jack

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Forum Veteran
Jan 24, 2011
9,380
1
24,874
8,379
malwaretips.com
Zscaler said:
Last year, we released Zscaler Likejacking Prevention, a free browser extension to protect users from clickjacking leveraging Facebook widgets. Since then, I've seen many websites using Likejacking as their "business model" (i.e. this is how they get traffic to their spam site).

Usually, these spam websites try to get the user to click on a specific area of the page where they have hidden one or more 'Like' buttons. Recently, we found a website where the hidden Facebook 'Like' button follows the mouse throughout the page. No matter where you click, you hit the Like button.


The technique to hide the button, has however been seen previously. There are hidden DIV elements with the opacity set to 0.0.1, which makes them transparent, although they are in the foreground. The position is set to absolute so that it can move anywhere on the page.

Here is a video that explains how it works:



Read more ...
Click to expand...
 
Last edited:
Wow, never seen anything like this before. Interesting plugin he developed to combat this problem.
 
Good explanation, seems a new to me on that vector of likejacking. So with this plugin it will be easy for us to know if the site is using these techniques.
 
Wonderful add-on, Even tho I don't use Facebook, I did add this to my family's laptops and changed the setting.

ljYuR.jpg


Thanks for the share.
 
You must log in or register to reply here.

You may also like...