Why you should NOT install ‘Fun & Entertaining’ Facebook applications | Facecrooks

[Ceyfer √]

"Think before you click!"

We often have readers ask us questions about specific Facebook applications. Some apps generate an enormous amount of spam and can annoy the heck out of your Facebook friends. Others are outright scams and should be avoided entirely. For example, any application offering to show you who has viewed your profile, who your Facebook stalkers are etc., are guaranteed to be fraudulent. Facebook doesn’t allow developers access to the data required to create apps like this.

There are a couple of things you should know about third party Facebook applications. First off, there is no formal review process for applications or developers on the Facebook platform. Anyone and everyone (scammers included) can create apps. This is far different from the “Walled Garden” approach taken by Apple. Many unsuspecting users might be under the impression that if it’s on Facebook then it must be legitimate. That is totally not the case.

The majority of Facebook applications that virally spread on the platform are questionable at best (virally here means spreading quickly and not that it necessarily contains a virus.) If you click on the info tab of the application and there is nothing known about the developer, then we highly recommend that you do not proceed with the install. For your maximum safety and protection, it is essential that you only install apps from trusted, well known sources.

More here | Facecrooks

Scam-watch!
http://facecrooks.com/category/Scam-Watch

[Bearcat]

I don't use any Facebook app's myself.

[BigGuy]

I don't use any Facebook app's myself.

I don't use them either.

[leofelix]

I submitted "prenium.xpi" to Avast / Avira / EMSISOFT and Microsoft some days ago

--------------

Analysis of the file(s) in Submission ID MMPC12012327673477 is now complete.

This is the final email that you will receive regarding this submission.

The Microsoft Malware Protection Center (MMPC) has investigated the following file(s) which we received on 1/23/2012 2:41:31 PM Pacific Time.
Below is the determination for your submission.

========
Submission ID MMPC12012327673477

Submitted Files
=============================================
prenium.xpi [Worm:JS/Depslear.A]
+---icon.png [Not Malware]
+---chrome.manifest [Not Malware]
+---prefman.js [Not Malware]
+---script-compiler-overlay.xul [Not Malware]
+---script-compiler.js [Not Malware]
+---xmlhttprequester.js [Not Malware]
+---install.rdf [Worm:JS/Depslear.A]
+---Thumbs.db [Not Malware]
+---youtube.js [Worm:JS/Depslear.A]

The following links contain more information regarding the detections listed above:
http://go.microsoft.com/fwlink/?linkid=95666&Entry.aspx&name=Worm:JS/Depslear.A

.....................................

Avira replied me that it is not malware, Avast usually doesn't reply, but that file is still undetected.
Fortinet and ESET detect that file, too


You will find a list of similar sites here, the most of those sites have been reported to google and taken down

[FunkY]

I don't use any Facebook app's myself.

Even better and even safe. I don't use Facebook

[Bearcat]

@ Leo Thanks for the info! Keep up the good work!

@ FunkY I only chat with friends on FB and have my account set up so only they can post on my wall.

[MAX]

I submitted "prenium.xpi" to Avast / Avira / EMSISOFT and Microsoft some days ago

Avira replied me that it is not malware, Avast usually doesn't reply, but that file is still undetected.
Fortinet and ESET detect that file, too

Neither they reply nor they detect
(No personal offense to Avast but a reality which decreasing popularity of product from last 1 year and i fee angry/sad as i like their product very much)

[Ceyfer √]

Neither they reply nor they detect

• 4 million users experience spam on any given day
• 20 percent of users have been exposed to malware
• 600,000 attempts are made to hijack user accounts each day

*ZoneAlarm Data

It is because this type of annoying malware belongs to the phishing/trojan agent family, some AV doesn't have the right detection algorithm yet or not really design to be aggressive on this matter. Apart from the fraudulent codec, you will be annoyed with pop-ups and fake survey redirection attacks. This is a one-size fits all type of attack that facebook users are currently experiencing right now ( typical black-hat social media spam. ) Finally, this is where the facebook ThreatSeeker Cloud security falls short - social engineering attack!

[safeguy]

Let's face the reality here. Those who read this type of articles are from any 1 of these categories:

1) Non-Facebook users
2) Facebook users who don't use/install apps
3) Facebook users who install apps and knows better not to install crap

Unfortunately, this type of articles does not reach the audience that needs the advise/reminder badly..

4) Facebook users who well install everything they see and like without thinking, not even once

All-in-all, nothing much changes. Social engineering will still win over the masses most of the times.