Ramblings of an old Doc

Facebook most blacklisted site on the net.

I just read this article on TheWindowsClub.com informing on the latest Facebook fiasco and that while supposedly increasing their security measures.

Emsisoft has reported a massive outbreak of new Facebook Malware. One variant even hijacks the user’s Facebook account. Interestingly, it’s passed by using their instant messenger.

Hardly surprising at the site where it’s founder, Mark Zuckerberg’s account was hacked.

Emsisoft discovered the activities of the Facebook threat Trojan-Downloader.Win32.FraudLoad.

Now there is a new version, taking over ones complete Facebook account!

Users of Emsisoft Anti-Malware are already protected from the new variant detected as Worm.Win32.Yimfoca!A2 or Trojan.Win32.Scar!IK.

 

From The Window’s Club: “This Malware uses the Facebook chat system to spread through users. It sends messages to the friends of an infected user, and a link. This link leads to a fake Facebook page stating  “Photo has been Moved.” Everyone clicking “View Photo” obtains the Malware file without even knowing it.”

They go on to explain that “as soon as the file is executed, another browser window is opened,  and either a harmless Myspace or Google page will be opened. The Malware, however remains active invisibly in the background. As soon as the user opens his Facebook account, the malware becomes active again and sends out new photo messages to all friends of the victim. During the next login at Facebook, the login page will be blocked and the malware shows a “Scam Survey” message together with the link “Win an Apple product”. If followed, the user will end up a web page with advertisements or affiliate links.”

“A second variant of this Trojan-Virus shows the message “Today is our 6th Birthday!”, as soon as the Facebook account is opened. If the user changes back to his login page, he sees “Your account has been suspended! The suspend will be released after 80 minutes. The suspend will be disabled only if you fill out one survey!”. The account is not suspended. It’s just a false message from the malware, says Emsisoft. Again the link does not lead to a survey, but to the advertisement page.”

Source: http://www.thewindowsclub.com/new-malware-captures-facebook-account-warns-emsisoft#ixzz1D2V2hKx6


Comments (Page 2)
3 Pages1 2 3 
on Feb 06, 2011

Certain things JC 'are' more important. Family for one. And you're right about the risk but in all things there is an upside and a downside, the good with the bad as it were. Keeping backups up to date and restricting who has access is about the best any one can do.

Actually, I think the best and safest thing to do would be to nuke your fb account.

on Feb 06, 2011

"Actually, I think the best and safest thing to do would be to nuke your fb account."

Doc I appreciate your post. Do not get me wrong it has a lot of merritt but I am not about to get rid of my account. Its just to valuable a tool for me at this time. If I get hit with something then you can say I told you so. It is more likely to happen if your not facebook savvy. I had got things from friends that I will just not open. I tell them sorry and explain the reason for my concern. 

 

The Packers just won.

on Feb 06, 2011

Facebook.... MEH   Don't have an account and never will.

Apart from being not that 'social', it has a very high profile and inevitably will be the target of miscreants seeking fun at the expense of others.

However, I will inform Shaunna of this when she gets home from town.  Her account was recently hacked and used to send other members bad stuff, so now I'll need to check out her rig for malware, etc.

on Feb 06, 2011

I know it'll hurt her to find this stuff out as she has such a good time there, mate. Still, better to find out before any serious financial damage is done....

Please tell Shaunna that I'm sorry to be the bearer of ill tidings... only trying to protect friends.

on Feb 06, 2011

DrJBHL



Quoting Uvah,
reply 13
Certain things JC 'are' more important. Family for one. And you're right about the risk but in all things there is an upside and a downside, the good with the bad as it were. Keeping backups up to date and restricting who has access is about the best any one can do.


Actually, I think the best and safest thing to do would be to nuke your fb account.

I see your account is still active?

on Feb 07, 2011

I know. I tried to delete it or get them to do it but no go. Twice emailed them.

on Feb 07, 2011

I keep it only because I don't know how friends would take it were I to close it down. You can't even really close it... you 'suspend' for 6 months then have to decide. I have a host of high school friends and others who came through life, like those here.

The safest thing to do would be to nuke it. Here at WC, I still have Ed's old PM's because I can't bring myself to discard them. I don't visit fb often. I don't accept 'gifts' from friends nor play any games and don't use the im.

I suppose I could ask everyone his email, but doing that more than 100 times daunts me. I think today's the day to suspend it and if things don't improve there to end it. I can only justify doing that by thinking about everything I might lose if I don't. Despite backing up.

*done - This is the message I posted on my Wall:

I'm suspending and probably going to end this account because of all the security breaches here. To all my friends, please send your email so we can keep in touch.
Sorry to take this step, but I don't see an alternative.

Not likely. I informed them that the reason I was leaving was the Malware attacks on their site and lack of security.

on Feb 07, 2011

As I do not use Facebook, I think I am safe from the bugs.  But this article prompts the following observation.  About 2 weeks ago, Fox News Ran an article about "Has Facebook Peaked?".  It was just a speculative article, with not a lot of substance.

But over the past 6 months there have been a handful of Facebook articles on Stardock.  And I have noticed a trend.  6 months ago, those of us who did not like it were in the definite minority.  But reading the comments here today, the best accolade I see for it is "I have no choice", hardly a ringing endorsement.

I think Fox may have been right.  Like MySpace before it (and all the other fads), I think Facebook is now in decline.  You will not see the numbers for it soon, but eventually I think historians will look back on 2010 as the year that killed facebook - because of malware and privacy issues.

on Feb 07, 2011

You might be interested in this article: http://tinyurl.com/yfutpcp


on Feb 07, 2011

You can't even really close it... you 'suspend' for 6 months then have to decide. I

Here's an Article on how to delete it.

However, The doc is right (as always). It disables it for 6 months before it is actually deleted. But it has to be "quiet", so this article steps you through the process.  They do not make it easy.

on Feb 07, 2011

This post is misleading. This isn't a facebook problem . . . facebook just happens to be the mechanism used to deliver the trojan. It's no different than IM or email in this regards.

Bottom line is stupid user's clicking on obviously fake links.

on Feb 07, 2011

There is nothing misleading at all in this Post.

There is a problem on facebook. One of many such problems there. That's a matter of fact, not conjecture. 

That all of the social networking sites will be targeted as well as the newer devices using apps, jailbroken, etc. does not change the veracity of this Post. Read some of the articles I have written on the subject.

And you're right: It's not a facebook problem. It's the problem of people having accounts there.

 

on Feb 07, 2011

DrJBHL
And you're right: It's not a facebook problem. It's the problem of people having accounts there.

It is the same argument as the "Microsoft bugs" one.  If they were not #1, the parasites would go elsewhere.  That they are makes them the target.  Not having tight security controls (which I know is anathema to the ease of use for end users) is the gas for the engine that drives the malware.

on Feb 07, 2011

^ correct.

on Feb 10, 2011

Except for having a report from a vendor I've never heard of that sounds like a little kid screaming "PAY ATTENTION TO ME" I got nothing.

Malware?  Never seen any spread through Facebook.  All I've seen is stupid people clicking links.  Which they do with email too.  And web pages.  And everything else on the Internet.

The safest thing to do with Facebook is the same thing as the rest of the internet.  Have a brain.

Unfortunately yes, I know people who fail at that.

3 Pages1 2 3