Monday, December 20, 2010

New Facebook Profiles Invite New Threat

Facebook is great fun, and can even be a great way to keep in touch with not only your friends and family but your work mates as well. Facebook because of its very nature needs to be used with caution and a good dose of common sense, as the following article clearly proves.

Security officials from Trend Micro caution that malware creators are taking misusing the buzz made by the latest Facebook profiles to push harmful program on to user's systems with the help of Facebook toolbar.

The toolbar is forged, but is well crafted. The mails appear to have come from Facebook and use the site's template also. The subject of the mail is "Hello dear friend!" and the message is signed by "The Facebook Team".

It reads: "Hi dear Friend. Now you can download the Facebook toolbar. Now it will be easier than ever to share and connect with your friends. Thanks". The message comes with a big green button which says "Download Here", which on clicking, takes to a site serving a file calledfb.exe for download.

As per Trend Micro, this file is actually a variant of the Zapchast IRC backdoor.

Security expert state that Backdoor.IRC.Zapchast installs IRC scripts and configuration files that enable the infected system to be used as a zombie. The infected machine connects to some IRC channels mentioned in the configuration files and is controlled by the hacker. Also, some Zapchast variants come infected a computer virus called Parite.B.

Cristina Buenviaje, Anti-Spam Research Engineer at Trend Micro said that, lately, Facebook brought in some changes to the profile pages of its users which make it easier for users to display their latest activities and to know about their friends. Also, it is not a matter of concurrence that soon after this change, they started getting fake mails from Facebook, as per the news by blog.trendmicro.com on December 9, 2010.

The security experts claim that it has become an expected pattern. Everytime Facebook initiates some changes; the attackers launch mail campaigns that misuse the change and lure users into installing malware.

Facebook has attempted in the past to increase the security level, but as per from BitDefender, an Internet Security Firm, is filled with Trojan horses, keyloggers and other kinds of malware. The viruses could be found in harmful links and other third-part applications.

You can read the full article here.

No comments:

Post a Comment