ISS Sharack NX-15

Elaborate Facebook Warm Virus

Update: Facebook responds to malware attacks.

Facebook malware attacks to date have largely consisted of getting user credentials via phishing sites and then spreading spam and additional phishing attempts. But a new worm is disseminating through Facebook that aims to install trojan software on a user’s machine.

The worm spreads when a compromised user’s account is used to send message to others with a title such as “LOL. You’ve been catched on hidden cam, yo:” and a link to a random URL. The linked website is a YouTube-like page that shows a video player along with what looks like a standard browser message to update your Flash installation. Clicking on the button begins a malware installation of a file called “codecsetup.exe.” We didn’t go so far as to install the software, but our guess is that it zombies your computer, installs a keylogger, and other fun stuff.

A nasty feature of the worm is that it takes the profile picture of the sending infected user and adds it to the linked website. This makes it all look much more legitimate for the potential victim. Facebook users are notoriously naive when it comes to security awareness, and a certain percentage of users will always end up falling for this kind of social hack. There’s little Facebook can do other than attempt to filter out the landing website in messages.

WOW ... thanks for the info Unica

good info Unica thank you

NEW MALWARE ATTACK TARGETS TWILIGHT FANS

In case you're not part of the lovesick teen-promise ring set, the second film in the Twilight series, New Moon, arrives in theaters this Friday, and its slobbering audience is desperate for any kind of taste it can get of the wildly anticipated movie. Any Harry Potter nerd will tell you the same thing.

But fanatical franchises like this invariably lead to danger, as fans let their guard down, exposing themselves -- and their computers -- to risky situations.

A new Twilight scam making the rounds and exposed by PC Tools, isn't a whole lot different from the usual M.O., but here's a primer on how it works.

It all begins with a web search: Users search for "Stephenie Meyer" (a misspelling of the name of the author of the Twilight books) on the web, and find (rather high) in the results a link to a result reading "Stephanie Meyer at 365Multimedia.com," with the description "Stephenie Meyer interview on Twilight the movie starring Robert Pattinson and Kristen Stewart."

Sounds harmless enough, but 365Multimedia.com doesn't actually host interviews (it's a desktop background and screensaver website), and the link in question doesn't actually go there either. Instead, users are directed to a malicious website that takes that age-old scareware path: A pop-up alerts users that they are infected with some sort of malware, and then directs them to a download site so they can get a phony antivirus software product to remedy the issue.

At that point, the user is asked for his credit card number, additional malware is installed on the machine, and Robert Pattinson is nowhere to be found. Now that sucks. (Bites? Pick your own favorite vampire reference...)

The good news is that most anti-malware software should protect you from actually falling prey to this scam even if you do click on the link, but do keep in mind that extra vigilance is in order when getting information about especially popular topics (remember that Anna Kournikova had her own virus at one time) and when visiting sites you've never heard of.

Thanks for the info Unica at least we got some warning before someone crashed the system..