Jump to content

Recommended Posts

  • ExTS Admin
Posted

http://img.photobucket.com/albums/v708/starbuck50/facebook-1.jpg Security researchers warn of a worm that spreads by posting spam messages via Facebook chat in an attempt to trick users to download and run a malicious executable.

 

The malware hijacks Facebook accounts from infected computer and spams users in their friend lists.

 

The rogue messages promise users access to an intriguing photo in order to lure them to an app.facebook.com/[censored] page.

 

When opening this page visitors are immediately prompted to download a file called FacebookPhotos#########.exe (where # stands for a random digit).

 

A message claims that "this photo has been moved to another location" and encourages users to click a "View Photo" button.

 

The button acts as a failsafe mechanism and triggers the download prompt again, just in case the user dismissed the first dialog.

 

If downloaded and ran, the .exe file installs what appears to be a new Palevo variant, which at the time of writing this article, has an above average detection rate on VirusTotal.

 

Palevo is a family of worms that normally spread via instant messaging applications like Windows Live Messenger, Yahoo! Messenger or Skype.

 

It was the malware behind Mariposa (Butterfly), the largest botnet on the Internet when it was dismantled by the Spanish authorities last year.

 

"It is really unfortunate that Facebook scams are moving back towards spreading malware," says Chester Wisniewski, a senior security advisor at Sophos.

 

"[...] There are probably many more applications like this one making the rounds, so, as always, beware of unusual messages from friends whether they are in email, on their walls, or in an instant message," he adds.

 

Even though profile walls remain the most common conduit for spam on Facebook, scammers have been increasingly abusing the chat feature in recent months.

 

This Palevo variant is not even the first worm to spread like this. In November, security researchers from Trend Micro warned of an IRC bot exhibiting a very similar propagation mechanism.

 

 

 

Source:

Worm Uses Photo Lure to Spread via Facebook Chat - Softpedia

Member of:

UNITE

  • Replies 0
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...