CYBER NEWS

New Facebook Scam Promises Adult Footage of Emma Watson

New-Facebook-Scam-Ema-WatsonA new Facebook scam lures users with a private video of the actress Emma Watson but injects a load of Trojans in the compromised computers instead.

It is the same old story – the user gets a message about the latest celebrity scandal or other irresistible information, but to see the video or read the article, etc. he is redirected to a scam webpage.

The Scam Is so Obvious, It Hurts

In order to make the story more believable, the crooks present the user with a fake YouTube page, where he allegedly can watch the video. This is supposed to be a red flag by itself, since it is well-known fact that the popular video sharing platform curates inappropriate content both automatically AND manually.

If the user does not smell the fire, and decides to click on the presented link anyway, the fact that he is asked to update the video player to the latest version so he could actually view the spicy footage of the famous actress, should set the alarm right away.

Security researchers have analyzed the file with alleged FlashPlayer update closely and found out that it was in fact a Trojan, which is configured to alter the configuration of the current browser on the affected machine and to block the access to the list of extensions. It also prevents the access to Facebook activity and settings.

A Trojan Capable of Hijacking Facebook Sessions

Trojan.JS.Facebook.A delivers malicious items in the installation folder of IE. The Trojan can also steal the anti-CSRF token, allowing the hackers to hijack a specific Facebook session and perform changes as if they were the actual user.

The researchers concluded that the Trojan can establish a connection to a C&C (Comando e controle) servidor, employ scripts in order to access code from other webpages and get control over Facebook activity.

Apparently the hackers trying to make the most of the campaign before it is blocked. They are trying to make some money out of it as well, as the bad links redirect users to localized surveys. The surveys are presented in the users’ own language which is supposed to make the whole scam more believable. Although operations like this may seem harmful, users should underestimate the fact that personal data is required for the completion of the survey.

Experts believe that the scam relies on the massive leak of celebrity photos from the beginning of September.

Avatar

Berta Bilbao

Berta é um pesquisador de malware dedicado, sonhando para um espaço cibernético mais seguro. Seu fascínio com a segurança de TI começou há alguns anos atrás, quando um malware bloqueado la fora de seu próprio computador.

mais Posts

Deixe um comentário

seu endereço de e-mail não será publicado. Campos obrigatórios são marcados *

limite de tempo está esgotado. Recarregue CAPTCHA.

Compartilhar no Facebook Compartilhar
Carregando...
Compartilhar no Twitter chilrear
Carregando...
Compartilhar no Google Plus Compartilhar
Carregando...
Partilhar no Linkedin Compartilhar
Carregando...
Compartilhar no Digg Compartilhar
Compartilhar no Reddit Compartilhar
Carregando...
Partilhar no StumbleUpon Compartilhar
Carregando...