All-round Scam on Facebook Pushes Backdoor Trojan
Security researchers from Microsoft recently detected a wide-ranging social engineering scam that dupes Facebook visitors into loading a particularly malicious backdoor Trojan equipped with keylogging abilities. Although the e-mails used to lure users differ, they all lead to spoofed YouTube web pages, Help Net Security published on November 18, 2011.
When a user lands on one of these fake YouTube web pages, he is told to bring his Web browser up to date with a given ActiveX component, which is in fact an advanced backdoor that bypasses the firewall and has been identified as Backdoor:Win32/Caphaw.A. The malware contains virtually all the malicious functions associated with loading a File Transfer Protocol (FTP) server, a keylogger, and a proxy server onto the target PC. Additionally, there is an integral remote desktop feature associated with Virtual Network Computing (VNC), the familiar open-source project.
According to Microsoft, it knows of a Facebook visitor whose computer had this feature and who found funds being transferred out of a personal bank account to someone unknown. The software giant explains that the keylogging malware, combined with the remote-desktop feature, makes such unauthorized funds transfers quite possible.
Notably, the backdoor calls out to domains such as web<removed>es.cc or commonworld<removed>.cc to obtain the data or information that is put up on the walls of the Facebook victim's friends. The main code of the backdoor Trojan, meanwhile, is supported by the <removed>youtube.com domain.
Meanwhile, Microsoft security specialist Mihai Calota recommends that end-users bring their anti-malware solutions up to date and then run a virus scan on their PCs. They should also reset the passwords for every sensitive account they hold from time to time. In addition, if a Facebook user notices the same kind of social engineering scam exploiting a friend's account, he should caution that person and also notify Facebook using the "report/mark message as spam" option, Calota suggests. Help Net Security reported this.
In conclusion, it is because of unfortunate social engineering attacks of this kind that the security firm Sophos recently revealed Facebook as having innumerable malware incidents, with 40% of respondents in its survey recalling that they had received malicious software through the social-networking website.
» SPAMfighter News - 25-11-2011