SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
TOP Security!
2 Feb 2015

Malware in Facebook infects users

If you are a Facebook user, be aware of a new malware! Do not click any porn links on Facebook. The reason is that you have thousands of good porn sites out there, but there's an extra good reason right now.

A security researcher warned that rogue pornography links on the world’s most popular social network had reportedly infected over 110,000 Facebook users with a Trojan in two days and it is still on the rise.

The Facebook malware disguised as a Flash Player update and spreads itself by posting links to a pornographic video from the Facebook accounts of previously infected users. The malware generally tags as many as 20 friends of the infected user. "In the new technique, which we call it 'Magnet,' the malware gets more visibility to potential victims by tagging the friends of the victim in the malicious post," said Mohammad Faghani, a senior consultant at PricewaterhouseCoopers, in a mailing list post to the Full Disclosure InfoSec hangout. "A tag may be seen by friends of the victim's friends as well, which leads to a larger number of potential victims. This will speed up the malware propagation."

The malicious post will provide you a link to a porn video in one of your friend's posts. Once clicked, the malicious link will land you a website that will prompt you to quickly download and run a Flash update in order to play the video message purporting to be pornography.

Unfortunately, doing so will download a Trojan horse directly onto your computer system, allowing a malicious hacker to hijack your Keyboard and Mouse. By having control of victim’s keyboard and mouse, one can capture very useful information – like webmail and bank account passwords. Once installed on a Windows PC, the malware collects the victim's data and tries to communicate with the server behind the filmver.com and pornokan.com domains for more instructions.

Faghani notes that the malicious file drops the chromium.exe, wget.exe, arsiv.exe and verclsid.exe executable files. In general, Chromium.exe is a generic dropper that probably downloads more malware to install, such as the keylogger, once it's running. This new technique also enables the malware to keep a low profile, while also displaying itself publicly on your profile, and this is only the reason how the malware infected so many Facebook users just in two days.

The other embarrassing part of this is when your family and friends see that you have just liked and shared porn links on your wall. In a statement, Facebook said, "We use a number of automated systems to identify potentially harmful links and stop them from spreading. In this case, we're aware of these malware varieties, which are typically hosted as browser extensions and distributed using links on social media sites."

In order to stop the wave of infections, Facebook is "blocking links to these scams, offering cleanup options, and pursuing additional measures to ensure that people continue to have a safe experience on Facebook." To protect yourself from such type of malware infections, just avoid clicking rogue porn links on the social media sites, and when it’s Facebook, Don't do it!

Tags:
Facebook information leaks trojan
Source:
The Hacker News
2030
Other NEWS
3 Jul 2020 safeum news imgage An encrypted messaging service has been infiltrated by police
4 May 2020 safeum news imgage Two-Factor Authentication ​What Is It and Why You Should Use It
12 Dec 2019 safeum news imgage Encryption is under threat - this is how it affects you
4 Nov 2019 safeum news imgage Should Big Decisions Be Based on Data or Your Intuition?
7 Jun 2018 safeum news imgage VPNFilter malware infecting 500,000 devices is worse than we thought
4 Jun 2018 safeum news imgage Hackers target Booking.com in criminal bid to steal hundreds of thousands from customers
1 Jun 2018 safeum news imgage Operator of World's Top Internet Hub Sues German Spy Agency
30 May 2018 safeum news imgage US says North Korea behind malware attacks
29 May 2018 safeum news imgage Facebook and Google targeted as first GDPR complaints filed
25 May 2018 safeum news imgage A new reason to not buy these cheap Android devices
24 May 2018 safeum news imgage Flaws in smart pet devices, apps could come back to bite owners
23 May 2018 safeum news imgage Google sued for 'clandestine tracking' of 4.4m UK iPhone users' browsing data
21 May 2018 safeum news imgage LocationSmart reportedly leaked phone location data onto the web
18 May 2018 safeum news imgage The SEC created its own scammy ICO to teach investors a lesson
17 May 2018 safeum news imgage Thieves suck millions out of Mexican banks in transfer heist
All news
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015