Facebook Clickjacking Scripts Hijacking Facebook Users

Facebook Clickjacking Scripts Hijacking Facebook Users

In this post we will not talk or explain the mechanism behind clickhijacking attack. The goal and moto of this post is to let you know how abusive this attack has been since past recent months.

So for those of you who don't know Clickjacking is?, it is a method of hijacking a users click in tricking him to click in to clicking some thing else. In the past Clickhijacking was used to hijack users click in to clicking on advertisements and make revenue.

Here is an example of a wordpress clickhijacking script that costs about 15$, that would trick the users into clicking ads without annoying them.

However now a days clickjacking is being used for tricking users in to liking a facebook page. As you might know that due to panda effect internet marketers are seen to be more focused on social media promotion. Therefore clickjacking scripts provid lots and lots of benefits to people who tend to use black hat SEO for promotion of the website and facebook pages. 

But what makes this even worse is the people distributing the clickjacking scripts for free or selling it. Recently I came across dozens of forums selling clickjacking scritps on a very cheap rate.

Here are some of the screen shots which I took recently: 

Demonstration

In order to demonstrate how clickjacking works, I setup a page on my free hosting account embedded withclickjacking script that would trick the users into liking the following page on clicking:

Here is the screenshot of the page where I installed Clickjacking script. (I took the script from an online forumand then modified it to meet my needs). The infected page stated the following: 

On clicking the click here to download your FreeToSell Package link the script was initiated which automatically liked the voteformypic page. 

By now you might have understood the whole idea behind the clickjacking attack. However if you would like to see more detailed analysis, I would recommend you to check the following post Hijacking Facebook Users With Clickjacking

http://www.youtube.com/watch?feature=player_embedded&v=jgAO8WU2lp0

  ЄƝʆƠƳ ӇƛƇƘƖƝƓ @ƝƖƦƛƝʆƛƝ  ЄƝʆƠƳ ӇƛƇƘƖƝƓ @ƝƖƦƛƝʆƛƝ  ЄƝʆƠƳ ӇƛƇƘƖƝƓ @ƝƖƦƛƝʆƛƝ  ЄƝʆƠƳ ӇƛƇƘƖƝƓ @ƝƖƦƛƝʆƛƝ