Cross-browser worm spreads via Facebook, security experts warn
From Computer World:
Malware writers use Crossrider browser extension development framework to build Facebook worm
IDG News Service - Malware writers have used Crossrider, a cross-browser extension development framework, to build a click-fraud worm that spreads on Facebook, security researchers from antivirus firm Kaspersky Lab said on Monday.
Crossrider is a legitimate JavaScript framework that implements a unified API (application programming interface) for building Mozilla Firefox, Google Chrome and Internet Explorer extensions.
The API allows developers to write code that will run inside different browsers and, by extension, on different OSes. The framework is still in beta testing and its creators plan on adding support for Safari soon.
<SNIP>
In order to spread, the malware leverages its control over infected browsers to piggyback on active Facebook sessions and send spam messages on behalf of authenticated Facebook users.
The links included in LilyJade's Facebook spam messages direct users to compromised websites that load the Nuclear Pack exploit kit into a hidden iframe, Golovanov said.
For those of you who don't speak Geek: If you get a weird message from one of your Facebook friends, don't click on the link.