New Spam Campaign Circulating around as Facebook Messenger Application
As per the security experts at the security firm "Trend Micro", cybercrooks have recently launched a new spam campaign that asks Facebook users to download an application on their systems. The application is called Facebook Messenger.
The bogus e-mails come with a subject line of "[user] listed you as his uncle" and utilize the original template matching to actual Facebook notifications.
The text of the e-mail message notifies receivers of numerous pending actions, including a friendship request as well as a www.facebook.com link that, in reality, directs to a third-party website.
The fake web page promotes a program called Facebook Messenger, which as per its description, is thought to be an application for rapid access to messages from the Facebook account.
As per the security researchers at Trend Micro, the file deploys BKDR_QUEJOB.EVL, a means that opens a link on TCP Port 1098 and listen in for commands.
The commands might update the malware ridden files, installing and running other malicious files, and initiating certain procedures. It also asks the system for various details, such as installed antivirus products and OS version then dispatches the data it collects to a certain SMTP.
Commenting on the matter, Paul Pajares Fraud Analyst at Trend Micro stated that, Facebook had diversified its array of service offerings, making the website extraordinarily brilliant than a place where users can get in touch with each other. It had been stated several times, that Facebook is bound to substitute e-mail as a mode of communication, as it offers a more simple way for users to dispatch messages. He further added that, this ease, however, has been leveraged by cybercrooks during this recent spam run, as reported by Trend Micro on April 18, 2011.
As a matter of fact, it appears like presently, cybercrooks have their eyes specifically set on Facebook users, as this is not the single attack, which has been witnessed during the last few days. In another similar instance, receivers were notified that their Facebook passwords were insecure and that they should open the attached document, which when opened resulted in the installation of malware on users' computers.
Finally, these incidents display that the security firm's forecast that 'social networking websites, like Facebook will prove to be a beneficial platform for conducting malicious activities in 2011 is proving correct.
Related article: New Zealand Releases Code To Reduce Spam
» SPAMfighter News - 25-04-2011