Facebook, favourite bait of cyber-crooks in 2011
- In just three days, two new malicious codes using Facebook have been discovered
The recent trend for developing computer threats designed to spread by exploiting the most popular social media continues to gather pace, reports global IT vendor Panda Security. In the last three days alone, two new malicious codes that use Facebook to ensnare victims have been wreaking havoc.
One of these, Asprox.N, is a Trojan that reaches potential victims via email. It deceives users by telling them that their Facebook account is being used to distribute spam and that, for their security, the login credentials have been changed. It includes a fake Word document supposedly containing the new password.
The email attachment has an unusual Word icon, and is called Facebook_details.exe. This file is really the Trojan which, when run, downloads a .doc file that runs Word to make users think the original file has opened.
The Trojan, when run, downloads another file designed to open all available ports, connecting to various mail service providers in an attempt to spam as many users as possible.
The other, Lolbot.Q, is distributed across IM applications such as MSN and Yahoo!, displaying a message with a malicious link. This link downloads a worm designed to hijack Facebook accounts and prevent users from accessing them. If users then try to login to Facebook, a message appears informing that the account has been suspended and that to reactivate them they must complete a questionnaire, with the offer of prizes –including laptops, iPads, etc.– to encourage users to take part.
After several questions, users are asked to enter their cell phone number, where they will receive data download credits for a cost of R83 a week. On subscribing to the service, victims will receive a password with which they can recover access to their Facebook account.
“Once again cyber-criminals are using social engineering to trick victims and infect them with malware” says Jeremy Matthews, head of Panda’s sub-Saharan operations. “Given the increasing popularity of social media, it is no surprise that it is being exploited to lure potential victims”.
PandaLabs advises all users to be wary of any messages with unusually eye-catching subjects, whether via email or IM or any other channel; and to be careful when clicking on external links in Web pages. Obviously, we also warn users not to enter any personal data in applications attempting to sell any type of test.
For more information visit: www.pandalabs.com
Follow Panda Security South Africa on Facebook and Twitter @PandaSecurityZA
- Cyber-crooks use Facebook to drive rogue anti-malware business According to global IT vendor Panda Security, the 56th variant...
- Android, Facebook and HBGary Federal all hacked in the First Quarter of 2011 The complete PandaLabs Quarterly Report is available from: http://press.pandasecurity.com/press-room/reports/ Global...
- Cyber-activism and Cyber-warfare major IT Security Topics in 2011 WikiLeaks is ‘unstoppable’ Cyber-activism on the increase, but cyber-war is...
- Cyber-crooks using celebs as bait With the Oscars announced last week, Panda Security, the global...
- Katy Perry & Russell Brand used as bait to Spread New Facebook Worm Panda Security’s antimalware laboratory, PandaLabs have recently detected a new...
Related posts brought to you by Yet Another Related Posts Plugin.