Trend Micro recently issued an alert on a malware attack utilizing Facebook Messages as the delivery agent. Chat-jacking scams and similar schemes are nothing new on Facebook. One thing we have learned is that scammers will utilize every possible method and medium to victimize the unsuspecting and naive.
The infected messages were found to contain a shortened URL pointing to the following zip archive: “May09-Picture18.JPG_www.facebook.com.zip,” and the malicious file in question is “May09-Picture18.JPG_www.facebook.com.”
Trend Micro identified the worm as WORM_STECKCT.EVL, and it is known to disable installed anti-virus software on infected systems and to act as a communication gateway to malicious websites. This allows the malware author to send and receive information from compromised systems.
The second phase of this attack involves the download and execution of yet another worm called WORM_EBOOM>.AC.” According to researchers, “WORM-EBOOM.AC is capable of monitoring an affected user’s browsing activity such as message posting, deleted posted messages and private messages sent on the following websites such as Facebook, MySpace, Twitter, WordPress and Meebo.” This worm is also responsible for the spread of the malware campaign, as it posts messages to the aforementioned sites containing malicious links.
Always be suspicious of any files received ending in ‘.zip’ or ‘.exe.’ Only download and install files from trusted, verifiable sources. Also, be aware of unusual activity and behavior encountered on sites like Facebook. If you haven’t heard from a particular friend in a while, and all of sudden you receive an odd or out of place message, this is a tell-tale sign that something is amiss.
Recommended Resources
BitDefender Safego is a Facebook application you can install that will scan your News Feed and help keep you safe from scams on Facebook.
PRIVATE WiFi® is a Personal VPN that encrypts everything you send and receive. Don’t access Facebook from a public WiFi hotspot without it.
Do Not Track + is a FREE browser plugin created by Abine. This easy to install plugin keeps websites from tracking you. If you value your online privacy, then you should definitely take advantage of this free product.
Action Alert | Free Parental Control offers a 100% free Internet safety solution designed for parents. There is also a Maximum Protection option for parents that need a more advanced set of tools.