Symantec Detects Fresh IM Worm Exploiting Facebook.com

Symantec the security company has detected a worm that's relatively new and is called W32.Yimfoca, which has an unprecedented method of operation to spread across Facebook viz. via exploiting the website's surveys.

Describing this modus operandi, Symantec's security investigators say that whenever a contaminated user visits the top page of Facebook.com, he encounters a pop up presenting the surveys that state that the user's account stands deactivated, however, it can be activated if he answers any of the online surveys.

Nevertheless, during the course of answering, the user finds a progress chart that comes with a warning that he must complete the survey in 3 minutes failing which he'll lose his account's access.

Incidentally, each filled out survey yields the scammers a maximum of $1, while the user apparently gains his account's access. But if he doesn't fill out the survey, a PC worm will prevent him from operating his account and the threat will reappear during his system's rebooting, the warning specifies.

Remarkably, according to the security researchers, the worm prevents the user from accessing Facebook merely when he browses in Internet Explorer. Symantec notes that the social-networking website continues to be accessible through Google Chrome and Mozilla Firefox though.

Furthermore, the said worm proliferates through spam in different languages that are dispatched via MSN Messenger, ICQ, Google Talk, Yahoo Messenger, Skype, Paltalk, or Xfire. It contaminates USB drives too.

Meanwhile, Stephen Doherty security researcher at Symantec, after studying the worm suggests that when anyone suddenly gets a web-link from a friend via an IM, he can always reply that message while asking of the link and thereby ensuring it isn't some sort of malware spreading. Thetechherald.com published this on December 21, 2010.

Eventually, as found in the above malicious campaign, Facebook surveys yield scammers huge money, while innumerable scams associated with the website have been reported during 2010. As per one instance, Sophos another security company said that numerous users of Facebook, during the 3rd-week of December 2010, were found attacked with a scam, which asserted that it could provide them quick admission into a Facebook electronic mail id.

Related article: Sentence for American Contractor for Sabotaging Government Navy Computers

» SPAMfighter News - 1/1/2011