Info-stealing Dorkbot worm spreading on Facebook
Posted on 16.05.2013
The Dorkbot worm, which first appeared in 2011 and has since been spreading via removable drives, IM programs and social networks, is currently targeting Facebook users.

The worm is delivered to potential victims via a chat message that appear to be coming from a friend and, at first glance, the link looks like it should take users to a regular JPG image file hosted on MediaFire.

But the file is actually an executable, and once run, it infects the targets' computer, tries to prevent the installed AV solution(s) from applying security updates, and then lies in wait, spying on the victimsí browsing activities and stealing their personal details and login credentials.

The IRC-based Dorkbot receives commands from a C&C server, and is capable not only of making the computer participate in DDoS attacks, but also of downloading additional malware.

According to Bitdefender, over 9,000 malicious links pointing to the malware have been detected in 24 hours, but Facebook is reacting quickly and blocking them.

"Users should avoid clicking on suspicious links on Facebook chat or other IRC networks, even when they seem to be coming from friends," Bitdefender researchers advise.









Spotlight

How to talk infosec with kids

Posted on 17 September 2014.  |  It's never too early to talk infosec with kids: you simply need the right story. In fact, as cyber professionals itís our duty to teach ALL the kids in our life about technology. If we are to make an impact, we must remember that children needed to be taught about technology on their terms.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Sep 18th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //