NEWS FROM THE LAB - Monday, December 15, 2008

Fake Friendster and Facebook Sites with One IP Address Posted by WebSecurity @ 02:20 GMT

One IP address that provides twice the fakery…

We spotted this fake Friendster website at http://friend[...]ter.com. The website steals the e-mail address and password information entered by an unsuspecting visitor who arrives at this page thinking it's the actual Friendster site.

Fake Friendster

Links to the fake website are propagating through malicious comments sent from the compromised accounts of friends in the Friendster network. The links are also included in the infected friend's profile.


Interestingly, on further analysis, the domain http://friend[...]ter.com also pointed to a fake Facebook page as its main page!

Fake Facebook

This fake domain was registered recently in China, and is hosted in China as well. We traced the IP address and noticed that it was hosting quite a few other fake social networking websites — MySpace, Friendster, Facebook, et cetera.


IP address

WebSecurity team post by — Chu Kian