New FTLog.A worm spreads through Fotolog social networking website
Panda Security has reported the appearance of a new worm, FTLog.A, which spreads through the popular Fotolog social networking site, a photo-blogging portal used by almost 30 million users around the world.
“Cyber-crooks are increasingly exploiting social networking sites to spread their creations as they offer a huge number of potential victims,” says Jeremy Matthews, head of Panda’s sub-Saharan operations. “We have already seen malicious code that exploits Facebook or Twitter. Unfortunately, this time it’s Fotolog’s turn.”
The worm spreads by inserting comments in the targeted user’s page prompting them to click a link, supposedly pointing to a video. This comment reads as follows: “hey xxxxxxxxx, encontré este video tuyo acá” – hey xxxxxxxxx (user name), I found a video of you here. If the user clicks the link, the system will ask for permission to download a divx video codec, which is actually the worm.
FTlog.A comment inserted in Fotolog
Once installed, FTLog.A redirects the browser to a site with explicit content and a webpage that asks users for their data in order to claim a (false) prize. If the user clicks Get Free Access a setup.exe file is downloaded which, once run, installs the MediaPass Plugin.
It also changes the Internet home page and injects code into the browser to display pop-up ads, disrupting the user’s browsing experience.
To prevent this type of infection it is important to remind users not to click suspicious links from unknown senders and keep an up-to-date antivirus solution installed on their computers.
More information is available at Panda’s encyclopaedia.
For pictures of this infection, check out Panda’s Flickr stream.
Related posts:
- How Digg and YouTube are used to spread malware Panda Security has revealed that malware creators are using popular...
- Conficker worm ravages six percent of world’s computers Panda Security study reveals scale of security crisis The number...
- VIEWPOINT: Social networking, passwords and privacy By Luis Corrons, Director of PandaLabs We have been warning...
- Cyber-crooks use Facebook to drive rogue anti-malware business According to global IT vendor Panda Security, the 56th variant...
- Reward offer for Conficker arrest According to a cnet article, Microsoft is offering a $250...
Related posts brought to you by Yet Another Related Posts Plugin.
