"Facebook color changer" app leads to malware, account hijacking
Posted on 11.08.2014
The change-your-Facebook-color scam is once again targeting inexperienced users of the social network, and they are once again falling for it. According to researchers from Cheetah Mobile, some 10,000 users have already been duped.

The scam takes the form of a malicious app:


Following the offered link leads users to a scammy website where they are instructed to view a color changer tutorial video, which will covertly steal the users' Facebook “access token," meaning that the scammers will be able to temporarily access their accounts and spread the scam further to their friends.

"If a user doesn’t view this video, it then tries a new way to spread the malicious software, by getting consumers to download a malicious application," warn the researchers.

"If a user is on a PC, the site leads them to download a pornography video player. If the user is on an Android device, it issues a warning saying the device has been infected and advises users to 'download now' a suggested app."

Users are advised to be wary of similar offers on Facebook, and those who have already fallen for the scam are urged to change their Facebook account password immediately, remove the "Facebook color changer" app from it, and use a legitimate AV solution to detect and remove any malicious software that might have been installed on their device.









Spotlight

Leveraging network intelligence and deep packet inspection

Posted on 26 November 2014.  |  Tomer Saban, CEO of WireX Systems, talks about how deep packet inspection helps with identifying emerging threats, the role of network intelligence, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Nov 28th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //