A Facebook app that allegedly allows users to change their profile’s colour theme is nothing but a scam, a new report claims.
According to a report from Chinese internet security company Cheeta Mobile, the latest scam allures users to download an app dubbed “Facebook colour changer,” which supposedly let them change the characteristic blue colour of their Facebook profile’s header and interface with choices of 9 different colours including pink, purple, green, yellow, orange and black.
The app scam, which also surfaced in 2012 and 2013, has already affected over 10,000 people. The report noted that once users click the app, it leads them to a phishing website. The website then steals users’ Facebook Access Tokens by asking them to watch a colour changer tutorial video that appears to explain how to use the app. When clicked, the video grants hackers temporary access to the user’s personal information and friends list.
The hackers also try to hack the users’ computers with malware software either in the form of pornographic videos or false virus protection pop-ups.
Cheeta Mobile claims that the issue results due to a vulnerability that lives in Facebook’s app page itself, which allows hackers to implant malicious codes and viruses into Facebook-based applications directing users to phishing sites.
Affected users who have already fallen for the scam are asked to uninstall the app immediately and change their Facebook password to prevent any further problems.
The Chinese internet security company also recommends users to disable the Facebook’s apps platform altogether to ensure no such other malicious apps get installed in the future.
