Malicious Hackers using Facebook to spread malware. Attackers using Facebook’s Wall page to spread the Malware. Wall page in Facebook is used to send messages to friends. This message can contain text, image , a URL to Website or video.
Attackers use Wall messages, in the form of a link to any video Website including Google, Yahoo, MSN or Youtube. When user click on the link instead of going to video content provider Website user is redirected to some other Website asking to install a new version of flash player or any other software to view the content. This new Adobe flash player or software is a Trojan horse, Troj/Dloadr-BPL, that funnels other malicious code detected as Troj/Agent-HJX into users’ machines. Once it has done that, it displays an image of a court jester sticking his tongue out.
Graham Cluley, senior technology consultant for Sophos said
While on the surface this might seem a practical joke from a friend, in reality it means the PC has been compromised and malicious hackers have gained control over it to use it for a variety of purposes, such as sending spam or distributing malware.
For example, in this case, the malicious Wall message is masked as coming from someone on the user’s list of Facebook friends, increasing the likelihood that the link will be clicked on. “Be very suspicious of Wall postings asking you to click on a link to go watch a video.
The friend whose name appears with the video has had his PC or Facebook account compromised in some way that lets malicious hackers perform actions without the friend’s knowledge. It’s possible that the affected friend previously fell for the “court jester” trap, and his PC and Facebook accounts are being used to propagate the scheme.
If people click on a third-party Web site link and a message pops up asking them to download software into their machines, they should never go ahead with the software download. If they feel they should upgrade their Flash player, they should do so only from Adobe’s Web site
The users inside your company may be more willing to click on a link in a Facebook Wall message than they would in a corporate e-mail.
Thanks to CIO for Graham Cluley Statements and Techcrunch for Images .
