Security researchers are warning of a brand new Facebook worm spreading quickly at the social networking platform because of stolen credentials to access the victim's contact list.
Once run, it drops a cocktail of malicious files onto the system, including Zeus, a well-liked Trojan spyware able to stealing user information from infected systemsPeter Kruse of CSIS
The worm, described by Danish security firm CSIS as a classic Facebook attack, infects users by utilizing stolen credentials to spread via the victim's contact list. The victim's friends will see a .jpg file. Clicking at the file will open a malicious screensaver.
“Once run, it drops a cocktail of malicious files onto the system, including Zeus, a well-liked Trojan spyware able to stealing user information from infected systems,†wrote Peter Kruse of CSIS.
The code is developed in Visual Basic 6.0 and contains code that helps trick users of virtual machines.
Kruse said the worm is continuous to actively spread because most antivirus programs are actively detecting the infection. Similarly, the worm is collecting data about infected machines and offering up additional malware.
To protect against social networking worms, Facebook monitors user-generated content and detects traffic spikes from Web applications tied into its framework. Its systems can detect an unusual surge in messages sent in a quick time frame, or messages with links that would potentially send users to attack websites. There is no word on whether Facebook has blocked unusual activity tied to the most recent worm.
Nessun commento:
Posta un commento
Comments links could be nofollow free