Home Facebook Cracking Down on Rogue Apps with New Verification Program

Facebook Cracking Down on Rogue Apps with New Verification Program

Facebook is launching a new security measure that is clearly a response to the recent threats caused by numerous rogue applications that have spread virally across the social network. According to news from the Facebook Developers blog, all application developers must now verify their Facebook account by either confirming a mobile phone number or adding a credit card to their account.

The new procedure aims to cut down on the number of rogue applications created by hackers and spammers by forcing developers to share personally identifiable information. Unfortunately, say multiple security researchers, verification alone is not enough to stop these malicious apps.

Rogue Apps on Facebook

Last week, we began to wonder if Facebook needed to implement its own anti-malware service after an especially busy weekend where thousands of user accounts were compromised by rogue applications promising tantalizing videos to anyone who was willing to click here. Not surprisingly, many did just that, and ended up on an off-site Web page where malware was installed on their PCs.

On May 15, security firm AVG reported its anti-malware service had blocked more than 30,000 rogue Facebook applications – a number so large, the company’s chief researcher officer, Roger Thompson, called it “stunning.”

But will the new verification measures actually make dangerous applications a thing of the past? Probably not. Adept spammers will quickly figure out how to bypass the security procedures using stolen credit cards or disposable mobile phones.

Security Researchers Response: It’s Not Enough

We asked several security researchers what they thought about the new procedures and none believed the new program was anywhere near strong enough to thwart the onslaught of rogue apps on Facebook.

According to security expert Graham Cluley of Sophos, cybercriminals won’t find that bypassing the measures will be very difficult at all, and will likely use stolen credit cards and pay-as-you-go throwaway mobile phone numbers to get their apps verified. He encourages Facebook to do more than the new measures. “As these applications are being made available to an estimated 500 million users, Facebook would be doing its users a real service if they put in place stronger controls over application developers,” Cluley says. “After all, what legitimate application developer is going to complain?”

Rik Ferguson, senior security advisor at Trend Micro, calls the new program a small step in the right direction, but also feels better application approval methods are in order. “Facebook will find themselves playing the same old game of whack-a-mole unless they institute some form of application approvals process as is already the case on competitor networks,” he warns, again reiterating that neither of the new measures are enough to stop real criminals.

Security Evangelist Ryan Naraine of Kaspersky, agrees, saying the only way Facebook can really fix things is to “implement some form of code signing or code inspections when the app is submitted.” However, Naraine admits the new program is at least “a step in the right direction.”

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.