Fortinet warns of Facebook’s Secret Crush Malicious Widget

Facebook Secret Crush Malicious Widget

Threat researchers at security firm Fortinet have just discovered a very malicious widget that’s being doing the rounds on the social networking community of Facebook. Facebook is one of the more popular sites that has over a million people worldwide registered.

The malicious widget in question displays in the form of a ‘Secret Crush’ request which invites users to find out which of their friends might secretly be in love with them.

The widget acts as a social worm that requests users to download the infamous Zango adware/spyware application and to recommend the contact details of five further friends to do the very same.

As of now, it is known that this malicious widget is being used by 3% of the Facebook community. This amounts to over a whopping million Facebook users, considering that it has taken place in a really small time-frame.

This not only demonstrates the effectiveness of the propagation strategy used by this very widget but also the potential capitalization on a larger user base, in this case Facebook.

Only last month, Fortinet’s CMO Richard Stiennon named one of his predictions for 2008 as the rise of malicious Facebook widgets.