Browse archive

Latest news

Targeted data stealing attacks using fake attachments

A look into the EC Council hack

New Mac spyware signed with legitimate Apple Developer ID

Ransomware adds password stealing to its arsenal

"Get free followers" scam targets Instagram users

Thoughts on the need for anonymity

Four LulzSec hackers handed prison sentences

The New Yorker launches anonymous dead-drop tool

Researchers reveal OpUSA attackers' MO

Info-stealing Dorkbot worm spreading on Facebook

Review: The Hacker's Guide to OS X

Private messages of Bloomberg clients end up online

IT security jobs: What's in demand and how to meet it

Hacking charge stations for electric cars

Fake Facebook alert leads to Blackhole, malware

Posted on 27.11.2012

Due to the huge popularity of Facebook and its one billion active users, bogus emails impersonating the social network are constantly hitting users' inboxes.

The latest of these is a notification alert about "activity you may have missed on Facebook":

Clicking on any of the offered buttons or the "unsubscribe" link ultimately lands users on a page hosting the Blackhole exploit kit serving an exploit for Adobe Reader and Acrobat.

Victims who use any of the vulnerable versions of these two software and no AV solution are automatically saddled with an information-stealing Trojan.

The Trojan variant in question is now detected by 28 of the 43 AV products used by Virus Total, but at the beginning of the spam campaign even those who had AV software installed were not safe, as the malware was detected by only three of them, Webroot warns.

Users are advised never to follow links offered in unsolicited emails, no matter how legitimate they look. Check your Facebook account for "activity you have missed" if you must, but do it by logging in through the legitimate login page.