Yet another Malware Assault on Facebook Users
On March 12, 2010, researchers from security firm Websense cautioned Facebook users to abstain from clicking URLs posted on the pages of their friends and acquaintances or of some popular celebs. This is because the alleged videos links actually led users to malicious websites.
According to the security firm, their experts have discovered that the malevolent campaign is spreading on Facebook at a rapid pace. Members of Facebook were subjected affected by malicious URLs placed on some popular users' wall, but the compromised links were circulated via numerous Facebook users. The circulation of vicious URLs started before the command and control server that was distributing the malicious software was taken offline in the day.
It is quite possible for the Facebook members who clicked these compromised to face a malware attack on their system as the software has extremely less antivirus coverage. The infection was successfully detected by merely 14% of the leading antivirus engines. Besides, the malware can be spotted on renowned Facebook pages, like one of Justin Timberlake and some others.
Further, the harmful link is not only circulating though known names, but also "long tail" fairly popular pages of Facebook.
Security research senior manager for Websense, Patric Runald, stated that the downloaded malware would first steal Facebook username and password of the victim, log in his/her account, and then start circulating the harmful link via messages to friend/group lists or by posting messages to group, according to the news published by infosecurity.com on March 12, 2010.
Similar malware movement is found in Twitter as well. The security experts commented that social networks have now become a preferred target to execute malicious applications. Numerous Variants of the malware have evolved that multiply themselves simply by placing spiteful links on the walls of Facebook users.
Therefore, to curb possible infections from more scams in future, users should be careful of links dealing with videos that indicate to a site that appears partly doubtful, said Runald. But, he ensures that the threat is no longer active, as Websense immediately informed Facebook about the scam, and the website supporting the harmful content was taken offline.
Related article: Youth’s Bank Account Used in Transferring Phished Funds
» SPAMfighter News - 23-03-2010