Home | Forum | Arcade
 |
 | | Web worms squirm through Facebook, MySpace |
|
 |
 Posted: Mon Aug 04, 2008 2:39 pm |
 |
|
| ResidentInsomniac |
| Site Admin |
 |
| |
| Joined: 04 Jan 2008 |
Posts: 2150
Karma: +120
|
| Location: Oshawa, ON, Canada |
|
|
|
|
 |
|
Web worms squirm through Facebook, MySpace
by Ryan Naraine @ 4:31 pm
July 31st, 2008
 My colleagues at Kaspersky Lab have intercepted two new worms squirming through MySpace and Facebook, using social engineering lures to plant malware on Windows systems.
The worms propagate via the comments features on the two popular social networks, using video lures and fake Flash Player downloads to trick end users into installing malicious executables.
As part of their malicious payload, the worms transform victim machines into zombie computers to form botnets. Even though the worms are currently only infecting MySpace and Facebook users, Kaspersky Lab analysts are warning users that the worms are designed to upload additional malicious modules with other functionality via the Internet. It is highly probable that victim machines will not only be used for spreading links via these social networking sites, but the botnets will also be used for other malicious purposes.
Some of the messages and comments posted to the social network sites include:
Paris Hilton Tosses Dwarf On The Street
Examiners Caught Downloading Grades From The Internet
Hello; You must see it!!! LOL. My friend catched you on hidden cam
Is it really celebrity? Funny Moments and many others.
The messages and comments include links to a fake YouTube-like site. Clicking on the link redirects the targer to another YouTube clone fitted with a note to download the latest version of Adobe’s Flash Player.
However, instead of the latest version of Flash Player, a file called codesetup.exe is downloaded to the victim machine; this file is also a network worm. Kaspersky said its security suite detected the threats proactively and signatures were added to the database on July 31, 2008.
The use of Flash Player downloads as the social engineering enticement is interesting. For the most part, malicious hackers have used fake codecs alongside video lures but, since Flash Player downloads are a normal part of the Web surfing experience, the likelihood that end users fall for this latest trick is rather high.
As usual, if you’re on a social networking site, you are encouraged to pay close attention to executables downloaded to Windows machines, keep your machine fully patched and run updated anti-malware software.
* Image source: Gastev’s Flickr photostream (Creative Commons 2.0)
Source:
ZDNET
http://blogs.zdnet.com/security/?p=1615&tag=nl.e550 |
|
|
|
|
|
|
|
| Posted: Mon Aug 04, 2008 5:35 pm |
|
|
| mrsmuffin |
| Site Manager |
 |
| |
| Joined: 05 Jan 2008 |
Posts: 1415
Karma: +118
|
| Location: Ontario, Canada |
|
|
|
|
|
|
|
|
|
|
| Posted: Mon Aug 04, 2008 6:48 pm |
|
|
| Shirley |
| Graphics Manager |
 |
| |
| Joined: 13 Feb 2008 |
Posts: 1238
Karma: +226
|
| Location: Alberta, Canada |
|
|
|
|
|
|
| Holey Moley!!! Thanks Lynne..... |
|
_________________
 |
|
|
|
| Friends 'R' Family Forum Index -> Virus and Worm Warnings |
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT - 5 Hours
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2003 phpBB Group
|
