Clickjacking is a method of web attack that features hijacking the click of the users' mouse on a webpage (thus its name) and then using them in prompting illegal actions.

Regarding this, the security experts opine that the only objective of this recent Facebook worm appears to be circulating itself. The disturbing messages, posted on the wall of the targeted user, are based on valid and popular news topics from the last few months.

Some of the examples include "LOL This girl gets OWNED after a POLICE OFFICER reads her STATUS MESSAGE", "The Prom Dress That Got This Girl Suspended From School", "This man takes a picture of himself EVERYDAY for 8 YEARS!!", or "This Girl Has An Interesting Way Of Eating A Banana, Check It Out!"

If users click on any one of the messages, they are taken to webpages hosted at blogspot.com that shows just one line of text- "Click here to continue".

Further, security firm Sophos claim that clicking on anywhere on this page (text or not) leads to the publication of the message on the user's Facebook page.

Also, the security firm finds the dubious web pages as being hit by Troj/Iframe-ET.

On his blog post, Senior Technology Consultant, Graham Cluley wrote that if users believe that they have been attacked by this worm, they should go to the news feed and delete entries associated with these links. Also, users should see their profile, click on the Info Tab and should remove any one of the pages from the section of "Likes and interests", as per the news published by Sophos.com on May 31, 2010.

Finally, this attack follows the warning of F-Secure's Chief Research Officer, Mikko Hyponnen, who cautioned Facebook users about the propagation of a Clickjacking worm through the social networking site that deceived users into posting the spam messages on their status updates; however, it doesn't seem malicious.