Cross-browser Worm Spreads via Facebook, Security Experts Warn

[JMH]

Malware writers have used Crossrider, a cross-browser extension development framework, to build a click-fraud worm that spreads on Facebook, security researchers from antivirus firm Kaspersky Lab said on Monday.

Crossrider is a legitimate Javascript framework that implements a unified API (application programming interface) for building Mozilla Firefox, Google Chrome and Internet Explorer extensions.

The API allows developers to write code that will run inside different browsers and, by extension, on different OSes. The framework is still in beta testing and its creators plan on adding support for Safari soon.

http://www.pcworld.com/article/2558...ia_facebook_security_experts_warn.html#tk.rss