Facebook Market Win; Security Woes

Friday, May 18, 2012 @ 02:05 PM gHale

Facebook has had a great week on the financial front, however, on the security side they have issues confronting them.

There is now a worm snaking its way through computers using social media platforms like instant messaging or private messages to find victims.

One Unit Runs Blackhole Spam Series
Social Media Alert: Fake AV Hits Twitter
Socially Engineered Emails a Threat
IT Security: Physical, not Just Cyber

A piece of malware, identified as Worm_Steckct.evl, distributes via a link that’s sent in private messages on Facebook and IM programs, said Trend Micro researchers.

The shortened links contained in the posts point to an archive called “May09- Picture18.JPG_ www.facebook.com.zip” which hides a file named “May09-Picture18.JPG _www.facebook.com.” The .com extension reveals this is an executable file.

Once it runs, the worm terminates all the processes and services created by security software, thus ensuring antivirus applications cannot disrupt its mission.

Steckct.evl then downloads another worm, detected as Worm_Eboom.ac, which monitors the victim’s browsing sessions.

The malware doesn’t only log the posts and private messages the customer creates or deletes on Facebook, MySpace, Twitter, WordPress, or Meebo, but it also spreads by utilizing the user’s active session on these sites.

“Facebook and IM applications are tools to share and connect. Cyber criminals’ use of these tools is nothing new, but there are users who fall prey to these schemes. We recommend users to be conscious with their online behavior, in particular on social media sites,” said Cris Pantanilla, Threat Response Engineer at Trend Micro.

Social media users need to be wary of links that point to shady-looking websites or suspicious files.

Leave a Reply

You must be logged in to post a comment.