HOW TO: Install a Facebook Trojan
Nov 8 at 4:04pm by
Facebook is not immune, it seems, to the many security expolits that have hit MySpace users over recent years. A so-called “Facebook trojan” is making its way around the site.
The trojan masquerades as a Facebook message with a title like “Nice dancing! Shouldn’t you be ashamed?” or “Some0ne thinks your special and has a *Hot_Crush* on you. Find out who it could be”.
This mail includes a link - to a free hosting site like GeoCities - that when clicked prompts the user to install an .exe file. The trojan then executes a worm called W32.Koobface that locates your Facebook cookies and proceeds to spam your Facebook friends with the same message. Here’s the step by step:
1. Get a Facebook message with a spammy subject line, think nothing of it
2. Click on a suspicious-looking link within that mail
3. Be running Windows (nothing wrong with that, of course)
4. Ignore all warning messages
If you’re a fairly savvy web user then, there’s no need to fear: not installing an .exe file from an unknown source is Internet Security 101. And yet, there’s word of a nuance that could catch fairly smart web users unaware: the trojan may also attempt to change the user’s profile by inserting links to the malicious page.
In short: a reminder to never, ever install and execute an .exe file from an unknown source. But we all make mistakes, and if you have been afflicted by W32.Koobface, Symantec has the fix.
—
Related Articles at Mashable | All That’s New on the Web:
Dangerous Malware Detected on MySpace, Bebo, Photobucket and More
Macs Don’t Have Trojans? Think Again
Skype Trojan Steals Your Info
Chatosky - Skype Worm Running Wild
Facebook Brings on New CFO: YouTube’s Gideon Yu
Facebook JavaScript Now Live
Facebook Exporter for iPhoto Launches
Here is the original:
HOW TO: Install a Facebook Trojan
RSS feed for comments on this post · TrackBack URI
Leave a reply
You must be logged in to post a comment.