A new Facebook spam of a malicious link connected with request.blob.core.windows.net has been spreading vigorously via users. Security researchers believe that the scam itself is redistributed by malicious software affecting primarily android devices, because after clicking on the questionable spam link, the user receives redirect to a web page prompting to ‘update’ Android. Security researchres strongly advise users to back up their phone contacts and other information on external devices after which use the manuals below to factory reset their android devices. It is also advisable to change all of your passwords, especially the Facebook password.
| Name | My Secret Video Facebook Spam |
| Type | Malicious Redirect/Malicious script/Spam Bot |
| Short Description | Redirect to a fake upgrade of Android, flash player or java. |
| Symptoms | After installing the malicious application the user may see posts on his Facebook profile without his consent. |
| Distribution Method | Clicking on malicious links distributed via spam in the friend list of the user under the title ‘Check my secret video:’. |
| Detection Tool | Download Malware Removal Tool, to See If Your System Has Been Affected by My Secret Video Facebook Spam |
| User Experience | Join our forum to discuss about My Secret Video Facebook Spam. |
My Secret Video Facebook Spam – How Did I Get It?
One way you may have started seeing posts that you haven’t made featuring the hxxps://request(.)blob.core(.)windows(.)net/h172/1se
web link embedded in them is by clicking on the link itself. By default if you click on the link it may react differently for every OS. We have visited it from an android device and after 5 redirects we were redirected to the following page:
The web page displays a fake android upgrade prompt which some users may install. In reality, virus researchers are convinced that this is a malicious application which obtains permissions to many different key processes that manage the applications, the phone itself and the information in its memory. Once installed, the ‘upgrade’ may initiate scripts that give it permission to automatically post on your behalf.
My Secret Video Facebook Spam – More about It
Once installed on your device the Android ‘Upgrade’ may request and obtain read and write permissions as well as permissions to manage the installed applications of the device. The software then displays the following post:
The post itself tags the maximum number of no more than 50 users in the friend list of the profile it posts from. This is done along with the web link being repeated several times. When opened the web link starts bouncing from URL to URL and after 5 redirects it transfers the user to ms.offer-wonder.info – the site offering the ‘upgrade’.
Even though it is not confirmed, this particular phone malware may also interact with the device`s SIM card, in a malicious way. It may charge the user a lot of money for automatic messaging service without the user`s consent.
My Secret Video Facebook Spam – What to do If I Am Infected
In case you have install this application a simple uninstall from your app manager wont cut it. You should extract all your important data from your phone on a memory stick, upload it in the cloud, back it up or copy it to your computer. Copying the data to your computer by connecting to it is not advisable since the malware may download malicious files that infect PCs and influence it in this way. The truth is it really depends but you shouldn`t risk connecting your phone to the computer before securing it. In case you do not have any other option, we recommend to install external firewall on your PC such as ZoneAlarm, for example and an anti-malware program that will detect any intrusions since most modern anti-malware tools are phone compatible as well.
In case you have opened the spam link on your computer and you suspect you have downloaded other malicious files such as fake Java or Flash update or similar executables, you should boot your PC in safe mode and scan it now, tutorial for which you may find below:
1. For Windows 7,XP and Vista.
2. For Windows 8, 8.1 and 10.
1. Install SpyHunter to scan for and remove My Secret Video Facebook Spam.
1. Install Malwarebytes Anti-Malware to scan for and remove My Secret Video Facebook Spam.
1. Install STOPZilla Anti Malware to scan for and remove My Secret Video Facebook Spam.
1. For Windows 7 and earlier
And here is a manual on how to act in case you have installed such application on your Android smartphone:
IMPORTANT!!! Make sure you back up all your data and export all your contacts either to your SIM card or to other places.
Step 1: Boot Your Smartphone into Safe Mode:
For RAZR Droid Devices:
1.Switch off the smartphone and remove the battery for a few seconds then plug it back in.
2.Switch the phone on.
3.You should see a Motorola Dual Core screen appearing. You should press and hold the Volume up, and Volume Down keys on the side of the smartphone. Hold them until the lock screen shows up with Safe Mode written in the lower corner.
For HTC Devices:
1.Switch off the smartphone and remove the battery for a few seconds then plug it back in.
2.Turn on your phone while simultaneously holding down the Menu Button. When it starts, keep pressing the Menu Button until you see Safe Mode menu appearing in the lower corner.
For Nexus devices:
1.Switch off the smartphone and remove the battery for a few seconds then plug it back in.
2.Turn on the phone.
3.When the welcome Logo Screen shows up, hold the trackball while pressing it until a lock screen shows up, or you see Safe Mode written in the bottom corner.
For Other Motorola Devices:
1.Switch off the smartphone and remove the battery for a few seconds then plug it back in.
2.Hold down the Menu Button after you press it while turning on the phone. When it boots, hold the button down upon seeing the lock screen or feeling the phone vibrate.
For Moto G Devices:
1.Press the Power Button and hold it on until the list with options pop-up.
2.Hold the Power off button and wait for a Reboot to Safe Mode option to appear.
3.Tap it and let the phone reset.
For Samsung Galaxy Devices:
1.While the device is on, hold down the Power Button and wait for the Options List.
2.Wait for a Restart to Safe Mode option to appear.
3.Choose this setting. The device will restart.
After you have backed up your files, you should perform a clean wipe-out of your phone. This can happen either via one of the options in Safe Mode or by entering your devices Recovery Mode. Several methods exist in order to enter Recovery Mode of your device:
For Nexus Devices: Hold the Volume Down + Volume Up + Power button until a Recovery menu appears. After that, you should select the Wipe Data/Factory reset option. Nexus 4 may work with Volume Up + Power + Volume Down.
For Samsung Devices: – Hold the Volume Up + Power Button + Home Button until a Recovery menu appears. After that, you should select the Wipe Data/Factory reset option.
For Motorola Droid X Devices: Hold the Home Button + Power Button until a Recovery menu appears. After that, you should select the Wipe Data/Factory reset setting.
For other devices with camera buttons on them: Hold the Volume Up + Camera Button until a Recovery Menu appears. After this, you should choose the Wipe Data/Factory reset option.
Also in case you have backed up your device in a Google Account, you will be able to restore your data after a complete wipe-out by just logging into your Google Account with you email and password.
