Malicious Facebook Application for $25 in ten minutes

Carl Leonard, senior security researcher at Websense, demonstrated the ease with which hackers could create a malicious Facebook application using a $25 kit available on the underground market at a SpeakUp event in London looking at securing the social web.

Good way to illustrate how low the barriers to entry have fallen. The kit comes complete with templates and all files, such as privacy policy that grants unlimited rights to the publisher of the app, and scripts for publishing the application.

The kit also provides for additional web pages within the application for bogus free iPad 2 offers, surveys and giftcards as tools to collect personal data such as email addresses, which can be sold and converted into money on underground markets.

It is no wonder that in the past year Kaspersky Lab has seen 100,000 pieces of malware designed to work in the social media environment, when creating a legitimate-looking app is as easy as copying and pasting a few details into a template.