The error 500 page from IMDB contains a reference to Jaws
Saturday, November 24, 2012
Tuesday, November 20, 2012
Sunday, November 4, 2012
Wednesday, October 3, 2012
Monday, October 1, 2012
Quick update: the Miley Cyrus "Sex Tape" worm has been disabled to a certain extent by Facebook. The hackers have quickly adapted the method to use another page on Facebook that doesn't display a warning about the access_token, and they have switched from Miley Cyrus to Selena Gomez/Justin Bieber "Sex Tape".
Saturday, September 29, 2012
The link in the article is, as usual, a short URL to hide where it is actually going. Some of the URLs that are used include the following; I think that the site uses a random distribution between different sites, even though all are hosted on Google appspot, e.g.
miley-sex-video.appspot.com, miley-vid9.appspot.com, celeb-tv.appspot.com, celeb-hunter.appspot.com
Whatever site you end up at, the resulting page looks suspiciously like YouTube but displays an "age verification" dialogue (even the sad face icon is stolen from YouTube).
This is actually a cunning trick to make the user authorize the application without noticing and revealing the information to the page.
The resulting page just says success, and the page address contains an access token for Facebook that the user "has to" pass back to the application. The application then has access to the user's stream and posts the image again as a mobile upload and tags random friends in the image, so that the image and link show up in the streams of different users who do not even have a friend relation to the compromised user.
After passing the fake age verification page, the page just displays the twirler symbol as if it has problems loading the video. Depending on how desperate you are to actually view the video, you could even try to reload the page and try the authorization once more, posting the worm image once again to a different list of friends.
Sometimes the loading image is displayed waiting for age verification, further adding to the impression that this times out and you could just try again later.
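An added example, not code from the original post: a defender-side filter that flags and redacts pasted URLs carrying an `access_token`, the value the fake "success" page asks the victim to pass back. The `example.com` URL and the token value are constructed, and where such a filter runs (a form handler, a chat or mail gateway) is an assumption.

```python
import re
from urllib.parse import urlsplit

# Any http(s) URL embedded in free text (a chat message, a form field, a log line).
URL_RE = re.compile(r"https?://[^\s<>\"']+")
# access_token as a query or fragment parameter; group 2 is the secret value.
TOKEN_RE = re.compile(r"(?i)([?&#]access_token=)([^&#\s\"'<>]+)")


def find_token_urls(text):
    """Report every URL in `text` that carries an access_token, without echoing the token."""
    hits = []
    for url_match in URL_RE.finditer(text):
        url = url_match.group(0)
        frag_at = url.find("#")
        for tok in TOKEN_RE.finditer(url):
            # Tokens after '#' never reach a web server, so they only leak
            # when the user copies the address bar, as in the scam above.
            in_fragment = frag_at != -1 and tok.start() >= frag_at
            hits.append({
                "host": urlsplit(url).hostname,
                "location": "fragment" if in_fragment else "query",
                "token_len": len(tok.group(2)),
            })
    return hits


def redact(text):
    """Blank out token values so the text can be stored or displayed safely."""
    return TOKEN_RE.sub(lambda tok: tok.group(1) + "[REDACTED]", text)


# Constructed sample: what a victim would paste into the fake "age verification" box.
SAMPLE = ("my code is https://www.example.com/login_success.html"
          "#access_token=AAAconstructed123&expires_in=4000 thanks")

if __name__ == "__main__":
    for hit in find_token_urls(SAMPLE):
        print("token-bearing URL:", hit)
    print(redact(SAMPLE))
```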
I have tried to analyze the HTML code of the pages a bit. It looks like the people who wrote this had some rather smart ideas to pull this off: it uses a plethora of free services to host the whole thing (google appspot, dropbox, bit.ly, imgur, whos.amung.us, googleapis, maxmind), and they are even distributing between different instances of appspot to cheat the daily limit of CPU time and traffic.
Since Friday, Facebook has apparently noticed this attack and removed the stream posts and is now displaying a warning on the html success page to keep users from disclosing the access token:
I checked the first image with Tineye and it came up with an unmodified version of the image. This is from a blog post about "famous o-faces" from 2010; the original image is probably taken from a video by Miley Cyrus.
Two updates (at 10/1/2012):
The same thing was reported by somebody else yesterday, coming to the same conclusions: http://www.breakthesecurity.com/2012/09/miley-cryus-sex-tape-real-or-fake.html
(for the benefit of users finding this article with google): the worm may return as a Selena Gomez/Justin Bieber "Sex Tape" scam, though I haven't found evidence that it is really running around Facebook
Thursday, September 27, 2012
I watched this video yesterday of Victoria Justice playing Ms Pacman. I can't help feeling a bit old: she is way younger than Pacman; in fact she is 3 years younger than the Game Boy.
(I should mention that I'm 11 years older than Pacman)
Before anybody complains: I know it is Ms Pacman, but you get the point, I hope.
Tuesday, September 25, 2012
Sunday, September 23, 2012
Saturday, September 22, 2012
Sunday, September 16, 2012
Saturday, September 15, 2012
Thursday, September 6, 2012
I got a few DMs recently purporting to be warnings from people you follow about abusive posts from somebody else.
The bit.ly link in the message goes to a phishing page, most likely posting new messages again if you disclose your account.
Even though the scam is quite obvious, there are probably enough people still falling for this.
(The target URL is blacklisted by bit.ly now, however)
Saturday, August 18, 2012
Wednesday, August 15, 2012
Saturday, July 14, 2012
Sunday, June 10, 2012
Sunday, March 18, 2012
Let's hope I do not have to add posterous to that list some time in the future.