Monday, December 12, 2011
Kaspersky warns me about a Facebook Trojan when I visit a NYTime debate page in XP; one "fake survey" pops up
Today, when accessing a New York Times opinion page debating blogger journalism, from Google Chrome, my Windows 7 computer (Dell XPS) hiccoughed for a few seconds and froze, then released the page. This sometimes happens once in a day after a restart. It seems as though the system needs to start one more service to run a script.
I wrote a post and linked to it OK on my “BillBoushka” blog today, and Firefox under Webroot/Sophos accepted the linked NYTimes page OK, no warnings. (Usually it's Webroot that catches these first; today it was Kaspersky instead, even though Webroot did a full update this morning.)
But on another XP machine with Kaspersky under Google Chrome, I got a warning about a possible spyware script, which is unusual. The Kaspersky report showed something like “facebook/com/dialogue/oauth with an application number of 9869919170. I double checked and this has no connection at all to my own Facebook account, and in fact I wasn’t logged on to Facebook in any browser through which I accessed this page.
I tried the XP Kaspersky experiment several times. Just once, a pop-up appeared for a “On Question Site Survey” at the bottom. I forget what it was trying to survey or sell (short term memory?) I simply closed the survey and everything was normal. I suspect that the survey would have asked for personal information or cell phone numbers for spam.
I don’t know if this is a legitimate hack or not – it’s on a New York Times page if it is. I don’t know how it got in, and so far only Kaspersky finds it.
There have been problems with fake surveys being embedded in Facebook apps for phishing purposes; maybe some of them are being picked up by major news sites and not being caught by security.
I consistently find that different vendors find different threats that other miss. That doesn’t bode well for PC home security for the average user depending on one vendor.