Facebook scam promises naked videos of friends, delivers Trojans instead
Posted on 10.03.2014
Bitdefender has discovered that more than 1,000 people have already been tricked into installing Trojan malware after clicking on a new Facebook scam that promises naked videos of their friends. The UK was the second most affected country by number of users and infections were also detected in France, Germany, Italy and Romania.


The scam, now spreading on the social network, can multiply itself by tagging users’ friends extremely quickly. To avoid detection, cybercriminals vary the scam messages by incorporating the names of Facebook friends alongside “private video,” “naked video” or “XXX private video.”

“When clicking the link that promises videos of their friends naked, users are redirected to a fake YouTube website where a FlashPlayer.exe file deploys a Trojan,” states Catalin Cosoi, Chief Security Strategist at Bitdefender. “A fraudulent web page advises that Adobe Flash Player has crashed and an update to the latest version is required. The malware then installs a browser extension capable of posting the scam on users’ behalf and stealing their Facebook pictures.”

To increase the infection rate, the malware has multiple installation possibilities. Besides the automated and quick drop on the computer or mobile device, it also multiplies itself when users click the fake Adobe Flash Player update.

To make the scam more credible, cybercriminals faked the number of views of the adult video to show that over 2 million users have allegedly clicked on the infected YouTube link. To add another touch of realism, the malware creators also added a message that the video is “age-restricted” based on Community Guidelines.

The malware has been detected by Bitdefender Labs as Trojan.FakeFlash.A (Trojan.GenericKD.1571215), while the fake YouTube link is marked as a fraudulent attempt.





Spotlight

Free security software identifies cloud vulnerabilities

Posted on 21 October 2104.  |  Designed for IT and security professionals, the service gives a view of the data exchanged with partner and cloud applications beyond the network firewall. Completely passive, it runs on non-production systems, and does not require firewall changes.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Oct 21st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //