SCF Advanced Search

  • Total Posts: 40153
  • Total Topics: 14262
  • Online Today: 811
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)

Author Topic: Surge in Facebook Malware  (Read 2495 times)

0 Members and 1 Guest are viewing this topic.


  • SCF Administrator
  • *****
  • Posts: 7528
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • - Samker's Computer Forum
Surge in Facebook Malware
« on: 16. October 2008., 12:48:18 »
We received reports from our colleagues in Hong Kong yesterday about more malware being distributed on Facebook.

If you're a Facebook user, you may get a message such as this, supposedly from a "friend". Since the message was sent by a friend, the likelihood that you would click on the link is much higher. Upon clicking the link, you would be redirected to a site that looks something like the one below.

Not surprisingly, the website will tell you that you need to update your Adobe Flash Player by downloading a file. Of course, no matter how many times you try, you don't get to see the video. You do get infected though.

When we investigated this yesterday, the links were down and obtaining a sample for analysis was not possible at that point in time. Thanks to Lordian however - who tried again after being woken up by his neighbors late last night — we succeeded in obtaining a sample, which is detected as Net-Worm.Win32.Koobface.bp. Depending on the user agent, might also be served up.

Incidentally, if you are using any platform other than Windows, you just get redirected to the real YouTube.

It looks as if Facebook is increasingly becoming a popular target for all sorts of attacks. You can read through the numerous topics on this issue at the Facebook Public Discussion Board. Do note that some of the discussion topics include live links though, so be careful what you click.

On a related note, we've noticed that there is a Facebook phish, live at and registered in China.


Samker's Computer Forum -

Surge in Facebook Malware
« on: 16. October 2008., 12:48:18 »


With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters)

Enter your email address to receive daily email with ' - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising