I read an article today regarding an alleged Facebook based virus from the “Fan Check” application. I will admit I’ve been sucked into the Facebook, but to my defense I primarily stick to just a few applications. Reading about this makes me glad that I’m running Chromium browser on Linux. I think, between the two of those, my chances of becoming infected are pretty slim. The chances of becoming infected with any kind of virus are pretty limited by using Linux in the first place, but that is pretty obvious.
What I found interesting about this article and the related “infection” is that, so far, there haven’t been any proven cases of the Facebook application actually directly infecting anyone. The infection is caused by third-party websites provided through search engine results, and then by way of social engineering. Whether from the Facebook application or the third-party websites, this infection does not rely on browser vulnerabilities or outdated software. It is all done with the permission of the user.
Think about it. Your friend invites you to “join the fun” and use a Facebook application. Each application has to be given permission by the end user in order to access required data. If the application itself were the cause of the infection, the user would have to give permission for it to happen.
In the more roundabout situation the user is afraid they were infected directly by the application (may or may not be the case), so they use a search engine to find a tool that will verify this for them. The search results are then populated by pages telling them they are infected and to download security software immediately. Again, if the user decides to download and install the “security software” they have allowed the infection into their machine.
I decided to try some of these search results to see what it is they tried to do. I was honestly pretty impressed with one of them. If I didn’t know any better, and if I were running Windows it would surely look legitimate to me.