Get Rid of My Secret Video Facebook Spam - How to, Technology and PC Security Forum | SensorsTechForum.com

Get Rid of My Secret Video Facebook Spam

A new Facebook spam of a malicious link connected with request.blob.core.windows.net has been spreading vigorously via users. Security researchers believe that the scam itself is redistributed by malicious software affecting primarily android devices, because after clicking on the questionable spam link, the user receives redirect to a web page prompting to ‘update’ Android. Security researchres strongly advise users to back up their phone contacts and other information on external devices after which use the manuals below to factory reset their android devices. It is also advisable to change all of your passwords, especially the Facebook password.

NameMy Secret Video Facebook Spam
TypeMalicious Redirect/Malicious script/Spam Bot
Short DescriptionRedirect to a fake upgrade of Android, flash player or java.
SymptomsAfter installing the malicious application the user may see posts on his Facebook profile without his consent.
Distribution MethodClicking on malicious links distributed via spam in the friend list of the user under the title ‘Check my secret video:’.
Detection ToolDownload Malware Removal Tool, to See If Your System Has Been Affected by My Secret Video Facebook Spam
User ExperienceJoin our forum to discuss about My Secret Video Facebook Spam.

My Secret Video Facebook Spam – How Did I Get It?

One way you may have started seeing posts that you haven’t made featuring the hxxps://request(.)blob.core(.)windows(.)net/h172/1se
web link embedded in them is by clicking on the link itself. By default if you click on the link it may react differently for every OS. We have visited it from an android device and after 5 redirects we were redirected to the following page:

Android fake upgrade

The web page displays a fake android upgrade prompt which some users may install. In reality, virus researchers are convinced that this is a malicious application which obtains permissions to many different key processes that manage the applications, the phone itself and the information in its memory. Once installed, the ‘upgrade’ may initiate scripts that give it permission to automatically post on your behalf.

My Secret Video Facebook Spam – More about It

Once installed on your device the Android ‘Upgrade’ may request and obtain read and write permissions as well as permissions to manage the installed applications of the device. The software then displays the following post:

android spam

The post itself tags the maximum number of no more than 50 users in the friend list of the profile it posts from. This is done along with the web link being repeated several times. When opened the web link starts bouncing from URL to URL and after 5 redirects it transfers the user to ms.offer-wonder.info – the site offering the ‘upgrade’.

Even though it is not confirmed, this particular phone malware may also interact with the device`s SIM card, in a malicious way. It may charge the user a lot of money for automatic messaging service without the user`s consent.

My Secret Video Facebook Spam – What to do If I Am Infected

In case you have install this application a simple uninstall from your app manager wont cut it. You should extract all your important data from your phone on a memory stick, upload it in the cloud, back it up or copy it to your computer. Copying the data to your computer by connecting to it is not advisable since the malware may download malicious files that infect PCs and influence it in this way. The truth is it really depends but you shouldn`t risk connecting your phone to the computer before securing it. In case you do not have any other option, we recommend to install external firewall on your PC such as ZoneAlarm, for example and an anti-malware program that will detect any intrusions since most modern anti-malware tools are phone compatible as well.

In case you have opened the spam link on your computer and you suspect you have downloaded other malicious files such as fake Java or Flash update or similar executables, you should boot your PC in safe mode and scan it now, tutorial for which you may find below:

1. Boot Your PC In Safe Mode to isolate and remove My Secret Video Facebook Spam
2. Remove My Secret Video Facebook Spam with SpyHunter Anti-Malware Tool
3. Remove My Secret Video Facebook Spam with Malwarebytes Anti-Malware.
4. Remove My Secret Video Facebook Spam with STOPZilla AntiMalware
5. Back up your data to secure it against infections by My Secret Video Facebook Spam in the future

And here is a manual on how to act in case you have installed such application on your Android smartphone:

IMPORTANT!!! Make sure you back up all your data and export all your contacts either to your SIM card or to other places.

Step 1: Boot Your Smartphone into Safe Mode:

android-safe-mode

For RAZR Droid Devices:

1.Switch off the smartphone and remove the battery for a few seconds then plug it back in.

2.Switch the phone on.

3.You should see a Motorola Dual Core screen appearing. You should press and hold the Volume up, and Volume Down keys on the side of the smartphone. Hold them until the lock screen shows up with ‘Safe Mode’ written in the lower corner.

For HTC Devices:

1.Switch off the smartphone and remove the battery for a few seconds then plug it back in.

2.Turn on your phone while simultaneously holding down the Menu Button. When it starts, keep pressing the Menu Button until you see ‘Safe Mode’ menu appearing in the lower corner.

For Nexus devices:

1.Switch off the smartphone and remove the battery for a few seconds then plug it back in.
2.Turn on the phone.
3.When the welcome Logo Screen shows up, hold the trackball while pressing it until a lock screen shows up, or you see ‘Safe Mode’ written in the bottom corner.

For Other Motorola Devices:

1.Switch off the smartphone and remove the battery for a few seconds then plug it back in.
2.Hold down the Menu Button after you press it while turning on the phone. When it boots, hold the button down upon seeing the lock screen or feeling the phone vibrate.

For Moto G Devices:
1.Press the Power Button and hold it on until the list with options pop-up.
2.Hold the Power off button and wait for a ‘Reboot to Safe Mode’ option to appear.
3.Tap it and let the phone reset.

For Samsung Galaxy Devices:

1.While the device is on, hold down the Power Button and wait for the Options List.
2.Wait for a ‘Restart to Safe Mode’ option to appear.
3.Choose this setting. The device will restart.

After you have backed up your files, you should perform a clean wipe-out of your phone. This can happen either via one of the options in Safe Mode or by entering your device’s Recovery Mode. Several methods exist in order to enter Recovery Mode of your device:

reboot-system

For Nexus Devices: – Hold the Volume Down + Volume Up + Power button until a Recovery menu appears. After that, you should select the Wipe Data/Factory reset option. Nexus 4 may work with Volume Up + Power + Volume Down.

For Samsung Devices: – Hold the Volume Up + Power Button + Home Button until a Recovery menu appears. After that, you should select the Wipe Data/Factory reset option.

For Motorola Droid X Devices: Hold the Home Button + Power Button until a Recovery menu appears. After that, you should select the Wipe Data/Factory reset setting.

For other devices with camera buttons on them: Hold the Volume Up + Camera Button until a Recovery Menu appears. After this, you should choose the Wipe Data/Factory reset option.

Also in case you have backed up your device in a Google Account, you will be able to restore your data after a complete wipe-out by just logging into your Google Account with you email and password.

Vencislav Krustev

A network administrator and malware researcher at SensorsTechForum with passion for discovery of new shifts and innovations in cyber security. Strong believer in basic education of every user towards online safety.

More Posts - Website

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...
Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.