New Facebook worm poses as a screensaver

Like previous Facebook worms, the new malware uses stolen credentials to log into accounts and spam contacts.

Security researchers are warning of a new Facebook worm spreading quickly on the social networking platform by using stolen credentials to access the victim’s contact list.

Once run, it drops a cocktail of malicious files onto the system, including Zeus , a popular Trojan spyware capable of stealing user information from infected systems

Peter Kruse of CSIS

The worm, described by Danish security firm CSIS as a classic Facebook attack, infects users by using stolen credentials to spread via the victim’s contact list. The victim’s friends will see a .jpg file. Clicking on the file will open a malicious screensaver.

“Once run, it drops a cocktail of malicious files onto the system, including Zeus, a popular Trojan spyware capable of stealing user information from infected systems,” wrote Peter Kruse of CSIS.

The code is developed in Visual Basic 6.0 and contains code that helps trick users of virtual machines.

Kruse said the worm is continuing to actively spread because most antivirus programs are actively detecting the infection. In addition, the worm is collecting data about infected machines and offering up additional malware.

To protect against social networking worms, Facebook monitors user-generated content and detects traffic spikes from Web applications tied into its framework. Its systems can detect an unusual surge in messages sent in a short period of time, or messages with links that could potentially send users to attack websites. There’s no word on whether Facebook has blocked unusual activity tied to the latest worm.

Dig deeper on Malware, Viruses, Trojans and Spyware

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close