Facebook security threats wreaking havoc says PandaLabs

The first of the malware strains, Asprox.N, is a trojan delivered via an email informing users that their Facebook account is being used to distribute spam and that, for security reasons, the login credentials have been changed.

The email, says Panda, includes a fake Word document attachment, supposedly containing the new password, with an unusual icon and the filename Facebook_details.exe.

"Deceiving victims by opening a .doc file upon opening the attachment, this file is really a Trojan that downloads another file designed to open all available ports, connecting to mail service providers in an attempt to spam as many users as possible", the vendor says.
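A mail-gateway style check for the attachment lure described above, added here as an illustration; it is not from the original article or from PandaLabs. The extension lists, the sample message and its addresses are constructed assumptions, and the sample payload is only a few stub bytes beginning with the `MZ` header magic.

```python
import os
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed lists for illustration; adjust to local mail policy.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}
DOCUMENT_EXTS = {".doc", ".docx", ".rtf", ".pdf"}


def attachment_findings(raw):
    """Return (filename, reason) pairs for attachments worth quarantining."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        ext = os.path.splitext(name.lower())[1]
        payload = part.get_payload(decode=True) or b""
        is_pe = payload[:2] == b"MZ"  # DOS/PE executable header magic
        if ext in EXECUTABLE_EXTS:
            # A "document" lure that arrives with an executable extension.
            findings.append((name, "executable extension"))
        elif is_pe and ext in DOCUMENT_EXTS:
            # Renamed executable: content does not match the claimed type.
            findings.append((name, "PE content behind document extension"))
        elif is_pe:
            findings.append((name, "PE content"))
    return findings


def build_sample(filename, content):
    """Constructed test message; the attachment is stub bytes, not malware."""
    msg = EmailMessage()
    msg["From"] = "support@example.invalid"
    msg["To"] = "user@example.invalid"
    msg["Subject"] = "Your password has been changed"
    msg.set_content("See the attached document for your new password.")
    msg.add_attachment(content, maintype="application",
                       subtype="octet-stream", filename=filename)
    return msg.as_bytes()


if __name__ == "__main__":
    sample = build_sample("Facebook_details.exe", b"MZ\x90\x00stub")
    for name, reason in attachment_findings(sample):
        print(f"quarantine {name}: {reason}")
```

Checking the decoded content as well as the filename catches the same lure when the sender renames the file to a document extension.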

The second new malware strain, Lolbot.Q, is distributed across instant messaging applications such as AIM or Yahoo!, with a message displaying a malicious link.

Clicking the link, says Panda, downloads a worm designed to hijack Facebook accounts, blocking users' access while informing them that the account has been suspended.

"To 'reactivate' their account, users are asked to complete a questionnaire, promising prizes such as laptops and iPads. After several questions, users are asked to subscribe and enter their cell phone number, which is in turn charged a fee of $11.60 per week", adds Panda.

The bad news, Infosecurity notes, is that victims can only restore access to their Facebook account once they subscribe to the service and receive a new password.

Commenting on the latest problems with Facebook, Luis Corrons, PandaLabs' technical director, said that, once again, cybercriminals are using social engineering to trick victims and infect them with malware.

"Given the increasing popularity of social media, it is no surprise that it is being exploited to lure victims", he said.
