Facebook Attacked with New Worm

CSIS, the security company based in Denmark, which first spotted an extremely malicious PC-worm, reports that the worm is utilizing Facebook, the Internet site for social-networking, to carry out self-propagation via posting malevolent web-links onto it that connect with sites having the banker Trojan Zeus along with other threats.

Moreover, according to CSIS' investigators, for self-propagation, the worm harvests account credentials from Facebook that it utilizes for accessing those accounts and putting up web-links. These web-links that are actually malicious pretend to show an image file the infected visitor's network-contacts posted.

The file, apparently, represents an exploitative jpg document, supposedly providing a screensaver. Those who download and run it can be deceived into facing dire consequences, particularly because its detection by anti-virus engines is pretty low.

Additionally, CSIS says that the PC-worm is spreading via other websites too.

Security researchers of other firms remark that the worm functions quite well on Facebook.

Incidentally, describing the site's utility, Senior Security Researcher Mike Geide at Zscaler ThreatLabZ malware says that it lets people exchange movies, photos as well as other items on the site, while it's natural for users to trust what their friends send them. For instance, the latest example can abuse the site's system of sharing files along with visitors' faith in their contacts inside the social network, Geide explains. Darkreading.com published this dated November 29, 2011.

Fortunately, Facebook managed in closing the offensive URLs that are propagating the worm. A Spokesperson of Facebook states that the company is continuously keeping watch over the situation, while also blocking the URLs that get discovered over time. It has also deployed internal systems designed particularly for monitoring spam variations as also in joint task with other industry players, adopting means -technical and lawful- towards combating the bug, the Spokesperson adds. Darkreading.com published this.

Meanwhile, security researchers recommend Facebook-users that for maintaining their PCs and bank accounts secured; they shouldn't open any dubious appearing file attachments despite being dispatched from their friends. Further, they should necessarily have their anti-virus software up-to-date and enabled on their PCs so such threats could be detected. Securitynewsdaily.com published this on November 29, 2011.

Related article: Facebook Users Should be Careful of a Computer Virus

» SPAMfighter News - 12/6/2011