It’s not Facebook, it’s you. You’ve got malware.
The malware is called Page Rage and Drop Down Deals. Head to this page to disable Page Rage, and this page to uncheck everything related to Drop Down Deals. And if you’re not infected, then no, I don’t suggest visiting either of those pages. Only go there if you’re having the issue.
Once you’ve visited those two sites with every web browser on your system, then scan the living daylights out of your computer with your antivirus/antimalware software. And install Bit Defender Safego to reduce the chances of something like this happening again.
And if you hear anyone talking about how great Page Rage or Drop Down Deals are… Well, ignore them. It’s just adware, 2011 edition.
David Farquhar is a computer security professional, entrepreneur, and author. He started his career as a part-time computer technician in 1994, worked his way up to system administrator by 1997, and has specialized in vulnerability management since 2013. He invests in real estate on the side and his hobbies include O gauge trains, baseball cards, and retro computers and video games. A University of Missouri graduate, he holds CISSP and Security+ certifications. He lives in St. Louis with his family.
PR hack-written spam reply from Page Rage claiming not to be malware removed. You can thank me later.
Page Rage, we’ll decide what’s malware and what isn’t. The authors of botnets don’t consider their stuff malware either. Software that interferes with the proper operation of software and/or web sites is malware.
I’m glad we got that cleared up.
wow, thanks. I didn’t know what was going with these ads. They had been there for a few months. I thought everyone had these on their facebook, boy was I wrong
But don’t call it malware. Or Jennifer Quintero, representative of Theme Your World LLC (aka Page Rage) might come and smack you with a pen.
I’m still trying to figure out how programs being installed without users’ knowledge or permission and defacing web pages by adding ads to them isn’t malware. Oh wait, it is. Also, according to the message from Jennifer Quintero that I read and promptly deleted, you can pay $1.99 to get rid of the ads. Which, I suppose, isn’t extortion.
Page Rage indeed.
@Dave – I believe the whole root of this issue is where users are installing our app. Some users install directly from our site and others may install through one of our affiliate networks. We do not want to “sneak” on to user’s machines, but sometimes our affiliates go against our terms and standards and we’d like any help to reprimand them. Do you or your users have any information about how we got on their computer? We appreciate your help and understanding, thanks.
What I personally know is what my readers have reported here, and what I’ve seen from security researchers on Twitter. I can also see from my server logs a lot of people are looking for information/help about this.
If anyone wishes to report their experience here, of course, they’re welcome to do so for as long as the comments remain open. Comments close automatically after 28 days.
I’m been a late-comer to Facebook, which may provide some info on how the infection occurs.
A few days ago, I created my first test FB page. During the setup process (don’t know if it was after everything was complete, or during one of the steps) I clicked on a link/image along the left hand side labeled something like “Change Theme.”
Clicking it went directly to the Page Rage site. I was kind of surprised. I assumed that I would just go to another FB “theme-options” type page.
Anyway…finding myself on the Page Rage site, I just figured PageRage was a FB partner or something….I clicked ONE theme just to see what it would look like.
Immediately afterwards…I just back-buttoned back to the FB page/site.
Then, probably 50% of commerce sites I went to suddenly started having that “drop down deals” thing.
I too am curious how this happened…..I am pretty experienced, never mistakenly click suspect items…and, regardless, was presented with NO TYPE of message/prompt when first being sent to Page Rage….but it some how got on my machine.
Hope you are able to find out how this is happening.
@KevInTN – Sometimes our app is offered in a “bundle offer,” meaning that if you installed some other app for your computer, PageRage is bundled within that offer. These offers are required to advise you that our app is being offered within the app. Do you remember installing, at anytime, any app for your computer? Another thing, if you share a computer, there’s a good chance that someone else could have installed our app. The more information you provide to us will help us troubleshoot the issue at hand. We appreciate your help! If you would like to email us, please do so here: press@pagerage.com.