Security Corner

Jan 31 2011   11:50PM GMT

Facebook Security Threats Continue to Grow

Ken Harthun Ken Harthun Profile: Ken Harthun

The two latest malware strains exploit Facebook users via email and instant messaging programs. The first, Asprox.N, is a Trojan delivered via email informing users their Facebook account is being used to distribute spam and that, for security reasons, the login credentials have been changed. The email includes a fake Word document attachment, supposedly containing the new password, with an unusual icon and the filename Facebook_details.exe. Deceiving victims by opening a .doc file upon opening the attachment, this file is really a Trojan that downloads another file designed to open all available ports, connecting to mail service providers in an attempt to spam as many users as possible.

An image of the Asprox.N exploit is available here: http://www.flickr.com/photos/panda_security/5394881095/

The second new malware strain, Lolbot.Q, is distributed across instant messaging applications such as AIM or Yahoo!, with a message displaying a malicious link. Clicking the link downloads a worm designed to hijack Facebook accounts, blocking users’ access while informing that the account has been suspended. To “reactivate” their account, users are asked to complete a questionnaire, promising prizes such as laptops and iPads. After several questions, users are asked to subscribe and enter their cell phone number, which is in turn charged a fee of $11.60 per week. Victims can restore access to their Facebook account only once they subscribe to the service and receive a new password.

Images of Lolbot.Q exploit are available here: http://www.flickr.com/photos/panda_security/5394881133/

http://www.flickr.com/photos/panda_security/5395478542/

http://www.flickr.com/photos/panda_security/5395478578/

I recommend you be wary of any unexpected messages with unusually eye-catching subjects and avoid clicking on external links, running executable files or entering personal data into unknown applications or web forms. Nothing new there, just standard security best practice.

Just be careful out there.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: