New Facebook Malware Spreading | Forum | WOT (Web of Trust)

Forum

All Forums
General discussion
New Facebook Malware Spreading

- MassimilianoF on Wed 05 Jan 2011
- 03:43:40 PM UTC
New Facebook Malware Spreading
I have just sent this e-Mail at abuse@fb.com

"Hi, I'm writing at you because what seems to be an user on my friend
list have been hacked in some ways and now is sending some sort of
MSN-Like scam messages through the chat system embedded on the FB
portal, in order to lure users on at this URL:
http://apps.facebook.com/hahahahahahh/photo.php?=1...

Surfing on that URI lead the user to an APPS page where the file
facebook-pic00005267.exe (with a Windows PNG icon) is proposed for the
download.

This is the VT report of the file:
http://www.virustotal.com/file-scan/report.html?id...

Please take action against this situation. This message has been sent to
this e-Mail address due to the absence of the "Report link" in the
guilty URI."

URIs: http://apps.facebook.com/hahahahahahh/photo.php?=1...
and http://apps.facebook.com/bestfunnypicever/photo.ph...

If you surf on that URIs, you can see that they apps are just a bouncer of a script pointed to: cysuite.com and golden-line.net.

--- MF IT-UESC - Protecting your Digital Experience. Now.
- Login or Register to post comments

Comments:

- Cytomat on Wed 05 Jan 2011
- 03:56:43 PM UTC
RE: New Facebook Malware Spreading
Facebook is full of addons with malware. They really need to monitor them more.
- Login or Register to post comments

- Jazspeak on Thu 06 Jan 2011
- 12:23:02 PM UTC
RE: New Facebook Malware Spreading
"Facebook is full of addons with malware. They really need to monitor them more."

There are lots of things that FB need to do to improve their trustworthiness but with 500 million accounts (victims?) do they care? Do they heck!

~Music is not just for the Masses~
- Login or Register to post comments

- leofelix on Wed 05 Jan 2011
- 05:22:24 PM UTC
RE: New Facebook Malware Spreading
here is the real url hxxp://cysuite.com/img/facebook-pic00005267.exe

here is what MBAM Pro real time protection detects

Uploaded with ImageShack.us

festina lente (hurry slowly)
- Login or Register to post comments
- charrox on Thu 06 Jan 2011
- 04:34:25 PM UTC
RE: New Facebook Malware Spreading
I can't understand the words in the picture. :D

Did you notice I put the "avatar" as my avatar!!
- Login or Register to post comments

- leofelix on Thu 06 Jan 2011
- 04:52:02 PM UTC
RE: New Facebook Malware Spreading
I can't understand the words in the picture. :D

Backdoor.BOT is universal

festina lente (hurry slowly)
- Login or Register to post comments

Keep in touch with us

Like us on Facebook
Follow us on Twitter
Keep up with what’s happening WOT blog.
Grab screenshots from Flickr

Help your friends surf safer!

Invite them to use WOT.

Support WOT’s development

Your generous contribution is appreciated by WOT’s add-on developers.

Contribute Now