[Noisebridge-discuss] What is fbviews.org? Is it for real, and is it safe?
Brian Ferrell
endenizen at gmail.com
Thu Feb 17 18:14:08 UTC 2011
Your take is correct. It is not real and it is not safe. There is no
Javascript that can "analyze your Facebook profile to see who's been
looking at it."
As to what it really does. It looks ugly from all the XmlHttpRequests
(definitely sending your info somewhere shady).
Never ever paste javascript in your address bar. It has the potential
to do anything that *you* can do (except change your password/email -
things that require you to type in your password).
I dissected another Facebook malware-type thing a while back and
posted the unobfuscated code here if you're curious:
https://www.noisebridge.net/pipermail/noisebridge-discuss/2010-May/013974.html
This one looks much more malicious though.
-Brian
On Thu, Feb 17, 2011 at 09:44, Gian Pablo Villamil <gian.pablo at gmail.com> wrote:
> This site: fbviews.org claims to host a Javascript that will analyze
> your Facebook profile to see who's been looking at it.
>
> Is it for real? Is there a security risk? My take is that it is NOT
> for real, and that it IS a security risk.
>
> I looked at the script that it points to, and it seems to be heavily
> obfuscated. I'm guessing that it is actually a data harvester.
> _______________________________________________
> Noisebridge-discuss mailing list
> Noisebridge-discuss at lists.noisebridge.net
> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
>
More information about the Noisebridge-discuss
mailing list