CYBER NEWS

New Facebook Scam Promises Adult Footage of Emma Watson

New-Facebook-Scam-Ema-WatsonA new Facebook scam lures users with a private video of the actress Emma Watson but injects a load of Trojans in the compromised computers instead.

It is the same old story – the user gets a message about the latest celebrity scandal or other irresistible information, but to see the video or read the article, etc. he is redirected to a scam webpage.

The Scam Is so Obvious, It Hurts

In order to make the story more believable, the crooks present the user with a fake YouTube page, where he allegedly can watch the video. This is supposed to be a red flag by itself, since it is well-known fact that the popular video sharing platform curates inappropriate content both automatically AND manually.

If the user does not smell the fire, and decides to click on the presented link anyway, the fact that he is asked to update the video player to the latest version so he could actually view the spicy footage of the famous actress, should set the alarm right away.

Security researchers have analyzed the file with alleged FlashPlayer update closely and found out that it was in fact a Trojan, which is configured to alter the configuration of the current browser on the affected machine and to block the access to the list of extensions. It also prevents the access to Facebook activity and settings.

A Trojan Capable of Hijacking Facebook Sessions

Trojan.JS.Facebook.A delivers malicious items in the installation folder of IE. The Trojan can also steal the anti-CSRF token, allowing the hackers to hijack a specific Facebook session and perform changes as if they were the actual user.

The researchers concluded that the Trojan can establish a connection to a C&C (Command and Control) server, employ scripts in order to access code from other webpages and get control over Facebook activity.

Apparently the hackers trying to make the most of the campaign before it is blocked. They are trying to make some money out of it as well, as the bad links redirect users to localized surveys. The surveys are presented in the users’ own language which is supposed to make the whole scam more believable. Although operations like this may seem harmful, users should underestimate the fact that personal data is required for the completion of the survey.

Experts believe that the scam relies on the massive leak of celebrity photos from the beginning of September.

Avatar

Berta Bilbao

Berta is a dedicated malware researcher, dreaming for a more secure cyber space. Her fascination with IT security began a few years ago when a malware locked her out of her own computer.

More Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...