Facebook malware scam takes hold

A link to malware purporting to be CNN coverage of a US attack on Iran is reaching hundreds of thousands of Facebook users

Cameron Scott (IDG News Service)
04 February, 2012 08:25
Comments

A "worrying number" of Facebook users are sharing a link to a malware-laden fake CNN news page reporting the U.S. has attacked Iran and Saudi Arabia, security firm Sophos said Friday.

If users who follow the link then click to play what purports to be video coverage of the attack, they are prompted to update their Adobe Flash player with a pop-up window that looks very much like the real thing. Those who accept the prompt unwittingly install malware on their computers.

Within three hours of the scam's first appearance, more than 60,000 users had followed a link to the spoofed CNN page, according to Sophos Senior Security Advisor Chester Wisniewski. Facebook removed that link, but others are still being shared.

"The bad guys are rotating through scam pages trying to stay ahead of Facebook," Wisniewski said.

Facebook did not immediately respond to a request for information on how widespread the problem was or whether its own security had been breached, but Wisniewski said that there are a number of ways that status updates could appear without users' knowledge. Their Facebook accounts could have been hacked, allowing a third party to update their status. It is also possible for scammers to exploit weaknesses in the social networking platform itself or in Web browsers to post a status update using Java Script.

A representative status update shown in a screenshot on the Sophos blog reads, "U.S. Attacks Iran and Saudia Arabia. F**k :-( [LINK] The Begin of World War 3?"

Users who accepted the Flash player update prompt installed a fake antivirus tool on their computers. That tool would then alert them that their computer is infected with malware that can be eliminated for a fee. Such scams are one of the most lucrative, Wisniewski said, noting the irony that they net far more money than the legitimate security products Sophos and other security companies peddle.

In addition to a healthy dose of skepticism that the U.S. would attack its ally Saudi Arabia, Facebook users can avoid the scam and others like it by updating Flash only from Adobe's own website rather than from pop ups.

Bookmark this page
Share this article
- facebook
- slashdot
- digg
- Reddit
- stumbleupon
- linkedin
- twitter
Got more on this story? Email CIO
Follow CIO on twitter

More about: Adobe, CNN, Facebook, NN, Sophos

References show all

US attacks Iran and Saudi Arabia? Malware spreads via Facebook status updates : Naked Security

Comments

Post new comment

Share
Share this article
- google+
- facebook facebook
- slashdot slashdot
- digg digg
- Reddit Reddit
- stumbleupon stumbleupon
- linkedin linkedin
- twitter twitter
print
email
Bookmark

Related Coverage

Related Whitepapers

Latest Stories

Community Comments

"Ich kenne einige Leute, die aus Kanadakommen. Eines Tages werde ich auch ..."

Australia's first 4G smartphone is the HTC Velocity 4G
"Actually when someone doesn't know then its up to other visitors that ..."

Swedish e-commerce startup's execs linked to NYC sex crime
"Hi to all, how is everything, I think every one is getting ..."

Face Time - Interview with John Brennan and Robert DiStefano
"I am truly thankful to the owner of this website who has ..."

How to implement next-generation storage infrastructure for Big Data
"hwjae , click here http://www.breastenhanceproduct.org/how-to-benefit-from-herbal-breast-enhancements"

Pfizer's Future Depends on IT Transformation

Tags: cnn, Facebook, internet, Internet-based applications and services, malware, security, social networking

Latest Blog Posts

Whitepapers

Top 5 Threat Protection Best Practices
Small businesses are especially vulnerable to computer viruses and lost or stolen data, since they typically lack the IT resources to deal with these threats. Inadequately protected computers open the door to annoying infections, or worse, serious business disruption. Below are five simple and effective strategies to help you protect your business against an ever-increasing number of threats.

Learn more »
Traditional Backup is Dead - Are you prepared?
Conventional backup and recovery approaches clearly can't keep up with ever-growing storage rates. It's time to take on a new strategy.

Learn more »
HP Security Action Plan for Enterprise Printing and Imaging
Security is a part of how we work. When you walk through the front door of your office every morning, you probably pass a level of security. At your desk, it’s likely you log in to your computer and access files over a secure server. From security badges and ID cards to network firewalls and software security, it may seem like your organisation has taken every measure to protect its property, people and data. This action plan outlines a step-by-step approach to help you develop a plan that improves the security of your printing and imaging environment and boosts your business.

Learn more »

All whitepapers

Most Read
Most Commented

Get exclusive access to Invitation only events CIO, reports & analysis.

Latest Jobs

Zones

Featured Whitepapers

Teleworking made simple—and secure—with desktop virtualisation technology

Businesses of all sizes are increasingly focused on creating flexible work environments and offering telework options for employees. By administering policies and providing the technical capability for employees to work ...

Recent comments

"Ich kenne einige Leute, die aus Kanadakommen. Eines Tages werde ich auch ..."
Australia's first 4G smartphone is the HTC Velocity 4G
"Actually when someone doesn't know then its up to other visitors that ..."
Swedish e-commerce startup's execs linked to NYC sex crime
"Hi to all, how is everything, I think every one is getting ..."
Face Time - Interview with John Brennan and Robert DiStefano
"I am truly thankful to the owner of this website who has ..."
How to implement next-generation storage infrastructure for Big Data
"hwjae , click here http://www.breastenhanceproduct.org/how-to-benefit-from-herbal-breast-enhancements"
Pfizer's Future Depends on IT Transformation

Follow CIO

Market Place

Cyber Security Summit 2012 | 1-3 August | Save $150 using promo code CSO | Check out agenda today

Gartner Security & Risk Management Summit, 16-17 July 2012, Sydney

Latest Jobs

Subscribe to CIO

Critical. Authoritative. Strategic. CIO magazine addresses the issues vital to the success of IT and business executives. Solutions-oriented editorial provides a greater understanding of the role IT plays in achieving corporate goals. Subscribe to the print edition today.

Download OPML file for import with all IDG RSS feeds

CSO Online Data Security Briefing

Facebook malware scam takes hold

Comments

Post new comment

Building trusted relationships

Planning your IT career

Taking the risk out of diversity

5 open source help desk apps to watch

How to create a clear project plan

5 open source billing systems to watch

NBN Co focuses on continuous delivery to meet its deadlines

10 Tips for Dealing with a Bully Boss

Face Time - Interview with John Brennan and Robert DiStefano

Pfizer's Future Depends on IT Transformation

All Systems Down

IT service management going social

Australia's first 4G smartphone is the HTC Velocity 4G

HP Business Efficiency - Money Payback Guarantee Resource Centre

The Australian Cloud

Teleworking made simple—and secure—with desktop virtualisation technology

The Pathways ICT Leadership Development Program Brochure and Curriculum 2012