Facebook chat worm continues to spread

Status
Not open for further replies.
Jack

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 24, 2011
9,378
Sophos said:
Last week Sophos warned of a Facebook worm that was spreading on the social network, tricking users into believing that they were clicking on a link to an image.

The bad news is that the attack appears to still appears to be spreading via Facebook's chat system, exploiting compromised users' accounts.

An analysis by SophosLabs has identified that malware designed to install the Dorkbot worm onto users' computers is being spread via Facebook chat. And, for now at least, Facebook's built-in security systems are not preventing it.

facebook-chat-malware.jpg


It wasn't the Facebook friend you are chatting with who sent that message, it was the Dorkbot malware instead. The link may appear - on casual observation - to point to Facebook.com, but in reality it goes to a third-party website.

Although an unsuspecting user may believe that they are clicking on a link to a JPG image, the truth is that they are downloading an executable file that attempts to download further code (another piece of malware) from the net and drops a .BAT batch file onto infected computers.

The ultimate aim of all this malicious activity is to install the Dorkbot malware onto your Windows computer.

Read more >>
Click to expand...
 
win7holic

win7holic

New Member
Apr 20, 2011
2,079
I've test this on my old laptop with a fake facebook acc (a month ago)
I click that's what happened next. I need to enter my email and password again to open the image or file. and, a few other characteristics, need to install it. I try to install, then the taskbar disappears and BSoD.
 
McLovin

McLovin

Level 78
Verified
Honorary Member
Malware Hunter
Apr 17, 2011
9,228
The people that make the viruses and malware are getting better at hiding them. What next we will be recieving some in the paper mail.
 
WinAndLinuxTutorials

WinAndLinuxTutorials

Level 4
Verified
Honorary Member
Aug 23, 2011
2,291
Till now, I haven't seen a link to a picture in facebook that starts with facebook.com. An example is the link of this picture: s-static.ak.facebook.com/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png
Most of the picture links I see are in this form, isn't it?
 
jamescv7

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
This vector is really common nowadays yet its really clever that the link was send by the people itself. Since they didn't aware that its a bot sending the link which turn to be malicious.
 
Status
Not open for further replies.

Similar threads

I
    • Like
Serious Discussion DuckDuckGo AI Chat
Replies
1
Views
399
Chatbots and AI
Bot
Bot
Gandalf_The_Grey
    • Like
New Update WhatsApp and Messenger users in Europe to get third-party chat options
Replies
3
Views
268
Social media
enaph
enaph
silversurfer
    • Like
    • +Reputation
NodeStealer Malware Hijacking Facebook Business Accounts for Malicious Ads
Replies
0
Views
1,171
News Archive
silversurfer
silversurfer

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top