Destructive Virus Currently Spreading through Facebook Chats
Sophos the renowned security company has alerted of one destructive virus that's disseminating via Facebook messages while compromising users' chat sessions so as for taking over their computers as well as contaminating them with certain Trojan that steals banking info.
The virus is "Dorkbot," said Sophos whose researchers identified it so. Also, it spreads through messages that the Facebook's real contacts dispatch; however, since the messages are dispatched through chat sessions, it implies that the virus simultaneously infects all computers connected in the loop.
A given web-link within any of these chat messages seemingly lead onto the real Facebook.com website; however, in case clicked, it diverts the user onto an intermediary website that triggers the scam for installing the virus on his system.
Furthermore according to SophosLab, albeit an unwitting end-user might think he is clicking one web-link leading onto an image file, in reality he pulls down one executable file, which downloads additional malware as well as installs one .BAT file denoting any batch file on his contaminated PC.
Eventually, the purpose behind all the above destructive activity is for getting Dorkbot to be loaded onto people's Windows-PCs.
Moreover, the Holland-based CSIS Security Agency that was foremost in spotting the Dorkbot virus states that the malware is created with Visual Basic 6.0, while it unleashes many Anti-VM tricks aimed at Virtual Box, Sandboxie, VMware etc.
Also, the CSIS Group observed that the Dorkbot virus introduced several malicious programs, in combination, onto the target computer, one of them being the dangerous ZeuS/Zbot Trojan, which seized sensitive details of the user out of his contaminated system.
The security researchers state that the destruction by Dorkbot consists of disruption of the infected PC's functioning or sometimes the operator coming across the Windows "Blue Screen of Death" (BSOD).
Conclusively, security specialists urged computer operators to maintain their systems secure, and do away with all dubious appearing web-links no matter whether their sources were known Facebook friends. Meanwhile Facebook, which has over 750m active members, is currently cyber-criminals' attractive platform for exploitation; however, these members could apply certain fundamental tactics for ensuring their accounts remained safe.
Related article: District Attorney Alerts of Scam E-Mails Titled ‘Breaking News’
» SPAMfighter News - 14-12-2011
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!