More than one millionFacebookusers could be affected by a
malicious widget.
Researchers from security firm Fortinet have uncovered a
malicious widget running amok within the Facebook
social networking community.
The widget displays in the form of a "Secret Crush" request
inviting users to find out who of their friends might have the hots
for them.
But the widget acts as a social worm, prompting users to
unwittingly download the infamous
Zango adware/spyware application, and to recommend the contact
details of five further friends to do the same.
Those who have seeded the program within Facebook are cashing
in, getting rewarded "per click", said Fortinet.
The widget is already being used by 3% of the Facebook
community, Fortinet said, which amounts to more than one million
users.
Fortinet has issued
an advisory on the malicious widget.