Account-hijacking Trojan spreads via Facebook messages
Posted on 12.03.2014
Private messages delivering what seems to be an image are spreading like wildfire on Facebook, as the file in question triggers the download of a Trojan that compromises the victims' computer and Facebook account to spread the malware further.

The infection chain starts like this: the victim sees the message from a friend that simply states "LOL" and includes the "image":


Unfortunately, the ZIP file in question contains a Java JAR file of the same name that, when run, downloads the actual malware from a remote Dropbox account.

The two aforementioned files are not malicious per se, but the third one is - it's a Trojan that injects itself into legitimate processes currently running on the victimsí system.

According to Malwarebytes' Adam Kujawa, it's still unkown what the Trojan does except compromise the victims' Facebook account, but if we go by the results on VirusTotal, it could be a variant of the infamous Zusy banking Trojan.

"The origin of the threat is also currently under investigation however some of the text found within the Java file leads us to believe it was developed by someone who speaks Greek," noted Kujawa.

Users are advised not to open automatically similar files received from Facebook friends, but to ask them first if they were the ones who sent it.

"If they donít respond or they say ĎI dunno, I didnít send thatí then go ahead and suggest your friend run an AV scan and change their Facebook passwords, in that order," he advises.

The malware affects only computers running Windows, so if you accessed your Facebook account and tried to open the file via your mobile phone or Mac, you're in the clear.









Spotlight

How to talk infosec with kids

Posted on 17 September 2014.  |  It's never too early to talk infosec with kids: you simply need the right story. In fact, as cyber professionals itís our duty to teach ALL the kids in our life about technology. If we are to make an impact, we must remember that children needed to be taught about technology on their terms.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Sep 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //