Hackers Attacking Facebook Users with Malicious Applications

A new malicious application called the "Error Check System" is widely infecting Facebook as it sends a fake notification to Facebook members saying that their profiles are not visible to a particular buddy.

The actual text of the notification says that a friend has encountered some errors while checking your profile. This message then directs the user to click on "View the Errors Message". However, security experts have advised Facebook visitors to ignore it since it disguises a Trojan. According to them, once the Trojan is installed, it spams the same notification to all friends of the user and also invites them to load the bogus application thus spreading widely as it gathers information.

However, the experts stated that the malicious application was in its early phase of malware distribution.

Meanwhile, with the problem still persists, a Spokesperson of Facebook said that the company disabled a number of versions of the "Error Check System" application as well as proactively working to ensure that such offending software stay off Facebook, as reported by internetnews on February 23, 2009.

Furthermore, Graham Cluley, Researcher at Sophos, an online security company, disclosed that a search for the term "Error Check System" produces a web-link that takes users to a fake site. This site starts a bogus virus scan as well as tricks users into loading malicious programs on their computers in the guise of an antivirus application. Sophos has identified these malicious programs as Troj/FakeAV-LL and Sus/FakeAV-A, as reported by ITWORLD on February 23, 2009.

Cluley further said that the incident was a crucial reminder to every Facebook user to exercise caution when they add any third-party application to their profile. According to him, Facebook visitors readily trust total strangers as they installed the malicious application on their Facebook profile.

Further, Cluley said on his blog that not only the regular Facebook members, but also those who are not members of Facebook are in danger of the recent application.

Ultimately, the security specialists stated that the cyber criminals were misusing the much-touted social networking for personal benefits, with them, most commonly, distributing malware through legitimate sites.

Related article: Hackers Redirect Windows Live Search to Malicious Sites

» SPAMfighter News - 3/5/2009