A fake video malware attack is circulating under the guise of a Facebook message. Security firm Websense said that the attack spreads via emails posing as personal messages on Facebook, and uses the familiar 'fake codec' infection method.
The attack begins when the user is sent an email signed as a Facebook message with headlines such as 'dancing girl drunk in the pub' and 'super beautiful girl dancing'. The email then offers a link which appears to be from Facebook.
On clicking the link, users are directed to a third-party site designed to look like Facebook. The page loads what appears to be a video of a woman dancing, and then attempts to download an executable file under the name 'Adobe_Player11'.
The executable then infects the user with a malicious file that is believed to give an attacker remote access to the infected machine.
The use of Facebook as an attack vector has become increasingly popular with malware writers and distributors in recent months. Most recently, a rogue application known as
error check system spread over the site.
So-called 'fake codec' attacks are also a popular form of infecting users. Attack sites will often use sensational or pornographic movie files as a lure for malware infections disguised as video codecs.
{VNUNET}