Sophos: Facebook Chat is Attacked by Hackers to Spread Malware

Latest news
Dr. Web Finds Fresh Version of Trojan Rmnet Scam E-mail Circulates Soliciting Private Banking Details Amnesty International Website Compromised to Produce Malware Cyber-criminals’ Latest Strategy is Application-Based Malware Scam, Which Infects Twice, Spotted

Support our Sponsors

uClip Clipping Path Service

Main Menu

Resources

Login
Username Password Remember Me Forgot your password? Forgot your username? Create an account

Syndicate

Popular
HSBC Clients Targeted with Phishing Scam BBB Cautions about Phishing E-mails Supposedly from American Express USPS Cautions Consumers about Malware Laced Scam E-mails St. George Bank Clients Alerted about Fraudulent E-mails Commtouch Cautions about Siberian Dogs Fraudulent E-mail

Trampolines usa

Sophos: Facebook Chat is Attacked by Hackers to Spread Malware

Written by Administrator

Wednesday, 19 January 2011 06:00

Security officials of 'Sophos' has cautioned web users about a latest spam campaign initiated by hackers that can exploit Facebook chat in order to spread malware.

The malware hijacks Facebook accounts from the infected system and spams users in their friend lists.

The fake message promises users access to an interesting photo in order to lure them to an app.facebook.com/[censored] page. After opening this page users are immediately urged to install a file called FacebookPhotos#########.exe (where # stands for a random digit).

A message says that "this photo has been shifted to another location" and asks users to click a "View Photo" button. This button adds to the authenticity of the message and the user immediately downloads the file.

On installing and running the file, the.exe file downloads what seems to be a new Palevo variant, detected as W32/Palevo-BB.

Moreover, Palevo belongs to a family of worms that usually spreads through Instant Messaging (IM) applications such as Windows Live Messenger, Yahoo! Messenger or Skype. Researchers state that it was also the malware behind Mariposa (Butterfly) botnet which was circulated in 2010 by Spanish authorities.

Social engineering sites prove to be a better option for the hackers to spread malware instead of persuading them to fill irrelevant surveys. This Palevo-BB worm is not the first ever malware strain to use Facebook as a platform of infection.

Disturbingly, scams have almost become a frequent activity on Facebook. For instance, lately a fake survey scam was making rounds on the social networking media. This survey offered a fake update of the death of popular rapper Tupac Shakur.

The researchers added that the most famous social engineering network worm till date has been the notorious Koobface worm which is a strain of malware used to deliver victims to scareware scam portals on carry out click fraud.

Chester Wisniewski, a Senior Security Advisor at Sophos said that Facebook removed the application from its service. But there might be several messages like this that continue to be in rounds. Thus, beware of the unusual messages from friends whether they come via mail, or on their walls, or in an instant message, as per the news by nakedsecurity.sophos.com on January 9, 2011.

Read full article...