Facebook scam promises naked videos of friends, delivers Trojans instead
Posted on 10.03.2014
Bitdefender has discovered that more than 1,000 people have already been tricked into installing Trojan malware after clicking on a new Facebook scam that promises naked videos of their friends. The UK was the second most affected country by number of users and infections were also detected in France, Germany, Italy and Romania.


The scam, now spreading on the social network, can multiply itself by tagging users’ friends extremely quickly. To avoid detection, cybercriminals vary the scam messages by incorporating the names of Facebook friends alongside “private video,” “naked video” or “XXX private video.”

“When clicking the link that promises videos of their friends naked, users are redirected to a fake YouTube website where a FlashPlayer.exe file deploys a Trojan,” states Catalin Cosoi, Chief Security Strategist at Bitdefender. “A fraudulent web page advises that Adobe Flash Player has crashed and an update to the latest version is required. The malware then installs a browser extension capable of posting the scam on users’ behalf and stealing their Facebook pictures.”

To increase the infection rate, the malware has multiple installation possibilities. Besides the automated and quick drop on the computer or mobile device, it also multiplies itself when users click the fake Adobe Flash Player update.

To make the scam more credible, cybercriminals faked the number of views of the adult video to show that over 2 million users have allegedly clicked on the infected YouTube link. To add another touch of realism, the malware creators also added a message that the video is “age-restricted” based on Community Guidelines.

The malware has been detected by Bitdefender Labs as Trojan.FakeFlash.A (Trojan.GenericKD.1571215), while the fake YouTube link is marked as a fraudulent attempt.





Spotlight

USBdriveby: Compromising computers with a $20 microcontroller

Posted on 19 December 2014.  |  Security researcher Samy Kamkar has devised a fast and easy way to compromise an unlocked computer and open a backdoor on it: a simple and cheap ($20) pre-programmed Teensy microcontroller.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Dec 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //