• Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Home
  • About Darknet
  • Hacking Tools
  • Popular Posts
  • Darknet Archives
  • Contact Darknet
    • Advertise
    • Submit a Tool
Darknet – Hacking Tools, Hacker News & Cyber Security

Darknet - Hacking Tools, Hacker News & Cyber Security

Darknet is your best source for the latest hacking tools, hacker news, cyber security best practices, ethical hacking & pen-testing.

New MySpace and Facebook Worm Target Social Networks

August 17, 2008

Views: 7,238

[ad]

Well another reason for you guys (and gals) to avoid social networks, a new worm is spreading. Again they are using the same ploys that have been leveraged for years on e-mail and instant messaging.

Trust is gained as the message or link/video/etc comes from a known source so people are more likely to click/open/play it and infect themselves.

Just because a “friend” sends you something on Facebook or MySpace doesn’t mean you should trust it.

A new worm is spreading via Facebook and MySpace, turning victims’ computers into zombies on a botnet, Kaspersky Lab said on Friday.

Basically, infected machines are propagating the worm by sending messages via the social networks to friends in the network.

The messages look like they contain links to video clips. When clicked on they prompt the recipient to download an executable file that purports to be the latest version of Flash Player. Instead, it is the worm itself, infecting yet another victim.

It seems this one is not just interested in spamming your wall or putting something stupid or embarrassing in your profile.

This social networking worm is another vector for installing an actual executable on your computer and turning your machine into a zombie.

When infected machines log onto the social networks the next time their computers automatically send the malicious messages out to new victims grabbed from the friend list, said Ryan Naraine, security evangelist at Kaspersky.

“We’ve seen these types of worms before, typically around MySpace,” he said. “People are more trusting of things they receive from a friend,” and many people don’t recognize that what they are downloading isn’t a legitimate Flash Player file, but a malicious program.

Naraine repeated the refrain that security professionals have been spreading for years: be careful about downloading anything to your computer, even if it appears to come from a friend; and be diligent about applying security patches to your computer.

The same warnings apply to this as anything else, don’t download unknown executables! Definitely don’t install anything that you didn’t download yourself and have scanned with an up to date antivirus package.

Even if it comes from someone you know it doesn’t mean they actually sent it, you better ask them first if they really meant to send it or they are infected with something.

Source: Cnet (Thanks to Navin)

Related Posts:

  • An Introduction To Web Application Security Systems
  • UFONet - Open Redirect DDoS Tool
  • What You Need To Know About KRACK WPA2 Wi-Fi Attack
  • Facebook Disabled Flash For Video Finally
  • Privacy Implications of Web 3.0 and Darknets
  • Should US Border Cops Need a Warrant To Search Devices?
Share
Tweet
Share
Buffer
WhatsApp
Email
0 Shares

Filed Under: Malware, Privacy, Web Hacking Tagged With: facebook, facebook security, facebook worm, malware, Privacy, web-application-security, worms



Reader Interactions

Comments

  1. Morgan Storey says

    August 18, 2008 at 12:14 pm

    Thanks Navin. Interesting, unfortunately this is just more non-it’s getting duped to run something they shouldn’t.

    @Darknet: so where can we submit articles? You have my email address, but I don’t have yours (can’t find it on the site). PS my offer still stands to assist moderating posts, or heck moderate a forum and move most of the post out of comments.

  2. Pantagruel says

    August 18, 2008 at 1:14 pm

    Again the human factor is put to the test.
    Can he/she resist the temptation of opening the attachment from an unknown source, perhaps these finally do contain X-rated pic of the favorite musician/actor/…

    @Morgan Storey
    Use the Contact Darknet option http://www.darknet.org.uk/contact-darknet

  3. Navin says

    August 18, 2008 at 2:53 pm

    @ Pantagruel needn’t be a actor/actress……last yr during the soccer world cup, a worm which was titled “|\|ude Soccer World Cup” infected thousands of users who clicked on it

    Guess “|\|ude” is the key word

    BTW Cheers :)

    And I repeat, Damn the Spam filter!!!!!! :(

  4. Morgan Storey says

    August 19, 2008 at 12:15 am

    @Navin and Pantagruel: A long time ago I had a firewall that created a fake C drive that an attacker would see if they got through, I filled it with a tiny win95 install and in my documents I had Diablo3_secretdemo.exe which was just a renamed virus I had saved and tweaked so that it basically crashed the target and didn’t spread, I only got two skiddies. I watched it in the logs ip blah connected… ip blah change directory, IP blah downloaded Diablo3_secretdemo.exe ip blah uploaded sub7.exe, ip blah dropped connection… hahahah.
    See not all motivators are sex.
    Thems where the days though.

    @Navin: I think a moderated system, or login system would be better.

    @Darknet: I have been checking out your other blogs, and email is on its way with some ot questions.

  5. eM3rC says

    August 19, 2008 at 5:29 am

    I understand that people will fall for the nude pics or free games but there are also the people that had their kids set up a facebook profile for them or were convinced by their kids to set up an email.

    With this in mind, many people will fall for these scams just because they have no knowledge of the computer world, period. This includes random things they get on social networks to getting basic protection for their computer.

    Knowledge is power and protection, too many people don’t have this :P

  6. Navin says

    August 19, 2008 at 7:32 am

    Hey which firewall was that?? Would love to take it on a spin….one of my fave pastimes is bugging skiddies who’re constantly on my back!! :)

  7. Morgan Storey says

    August 19, 2008 at 8:24 am

    @Navin: Your lucky I have a mind like a steal trap, I remembered what it was called, it only defeats the Netbus trojan attack, so you will need to have your firewall open (nat etc), even then I don’t like your chances, this was a worry to me back in 98, but now…
    http://www.megasecurity.org/Security/netbuster1.31.htm

    I just thought of one though, as I have seen a lot of VNC traffic hit firewalls and even servers in the past. Simply create a VM, put the 4.11 RealVNC on it (known vulerability that allows no password to be defined by the client) and on the unlocked desktop put a file that you have constructed to do something nasty, then let them at you :P
    I have a weekend project :P

  8. Pantagruel says

    August 19, 2008 at 8:46 am

    @Morgan Storey

    True, the possible finding of a yet to appear piece of software will definitely attract attention.

    I’ve had a honeypot running for several month but disconnected it eventually. I got fed up with all the skiddies having a go at it. Our email/web/ssh/etc server still gets attacked twice (on average) a day (ssh brute forcing,dir traverse trials,etc) which gives me enough logs to peruse.

    have phun with your weekend project ;)

  9. Navin says

    August 19, 2008 at 11:31 am

    10x U Morgan for the link, but this isn’t what I’d initially thought it was :(

    But do report on how Ur “project” turns out!! :)

Primary Sidebar

Search Darknet

  • Email
  • Facebook
  • LinkedIn
  • RSS
  • Twitter

Advertise on Darknet

Latest Posts

Defending Against Malicious Botnets in 2025 Automated Traffic Threats and Mitigation

Defending Against Malicious Botnets in 2025 Automated Traffic Threats and Mitigation

Views: 179

Automated internet traffic will now overtake human activity, presenting sophisticated cyber threats … ...More about Defending Against Malicious Botnets in 2025 Automated Traffic Threats and Mitigation

TREVORspray - Credential Spray Toolkit for Azure, Okta, OWA & More

TREVORspray – Credential Spray Toolkit for Azure, Okta, OWA & More

Views: 342

TREVORspray is a purpose-built password spraying utility designed for red teams and offensive … ...More about TREVORspray – Credential Spray Toolkit for Azure, Okta, OWA & More

Force Push Scanner - Hunt GitHub Dangling Commits for Leaked Secrets

Force Push Scanner – Hunt GitHub Dangling Commits for Leaked Secrets

Views: 349

Force Push Scanner is an offensive security tool that identifies secrets inadvertently left in … ...More about Force Push Scanner – Hunt GitHub Dangling Commits for Leaked Secrets

Emerging Darknet Marketplaces of 2025 Anatomy Tactics & Trends

Emerging Darknet Marketplaces of 2025 Anatomy Tactics & Trends

Views: 5,495

Darknet marketplaces remain central to illicit trade in 2025, with evolving business models, payment … ...More about Emerging Darknet Marketplaces of 2025 Anatomy Tactics & Trends

Caracal - Rust eBPF Rootkit for Stealthy Post-Exploitation

Caracal – Rust eBPF Rootkit for Stealthy Post-Exploitation

Views: 519

Caracal is a new Rust-based eBPF (extended Berkeley Packet Filter) rootkit that provides a stealth … ...More about Caracal – Rust eBPF Rootkit for Stealthy Post-Exploitation

Windows_EndPoint_Audit - Endpoint Security Auditing Toolkit

Windows_EndPoint_Audit – Endpoint Security Auditing Toolkit

Views: 575

Windows_EndPoint_Audit from ITAuditMaverick introduces a powerful method for offensive security … ...More about Windows_EndPoint_Audit – Endpoint Security Auditing Toolkit

Topics

  • Advertorial (28)
  • Apple (46)
  • Cloud Security (2)
  • Countermeasures (231)
  • Cryptography (84)
  • Dark Web (1)
  • Database Hacking (89)
  • Events/Cons (7)
  • Exploits/Vulnerabilities (432)
  • Forensics (65)
  • GenAI (4)
  • Hacker Culture (9)
  • Hacking News (231)
  • Hacking Tools (688)
  • Hardware Hacking (82)
  • Legal Issues (179)
  • Linux Hacking (74)
  • Malware (240)
  • Networking Hacking Tools (353)
  • Password Cracking Tools (105)
  • Phishing (41)
  • Privacy (219)
  • Secure Coding (119)
  • Security Software (236)
  • Site News (51)
    • Authors (6)
  • Social Engineering (37)
  • Spammers & Scammers (76)
  • Stupid E-mails (6)
  • Telecomms Hacking (6)
  • UNIX Hacking (6)
  • Virology (6)
  • Web Hacking (384)
  • Windows Hacking (170)
  • Wireless Hacking (45)

Security Blogs

  • Dancho Danchev
  • F-Secure Weblog
  • Google Online Security
  • Graham Cluley
  • Internet Storm Center
  • Krebs on Security
  • Schneier on Security
  • TaoSecurity
  • Troy Hunt

Security Links

  • Exploits Database
  • Linux Security
  • Register – Security
  • SANS
  • Sec Lists
  • US CERT

Footer

Most Viewed Posts

  • Brutus Password Cracker Hacker – Download brutus-aet2.zip AET2 (2,333,834)
  • Darknet – Hacking Tools, Hacker News & Cyber Security (2,173,359)
  • Top 15 Security Utilities & Download Hacking Tools (2,096,839)
  • 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) (1,199,813)
  • Password List Download Best Word List – Most Common Passwords (933,804)
  • wwwhack 1.9 – wwwhack19.zip Web Hacking Software Free Download (776,476)
  • Hack Tools/Exploits (673,480)
  • Wep0ff – Wireless WEP Key Cracker Tool (530,461)

Search

Recent Posts

  • Defending Against Malicious Botnets in 2025 Automated Traffic Threats and Mitigation July 16, 2025
  • TREVORspray – Credential Spray Toolkit for Azure, Okta, OWA & More July 14, 2025
  • Force Push Scanner – Hunt GitHub Dangling Commits for Leaked Secrets July 11, 2025
  • Emerging Darknet Marketplaces of 2025 Anatomy Tactics & Trends July 9, 2025
  • Caracal – Rust eBPF Rootkit for Stealthy Post-Exploitation July 7, 2025
  • Windows_EndPoint_Audit – Endpoint Security Auditing Toolkit July 4, 2025

Tags

apple botnets computer-security darknet Database Hacking ddos dos exploits fuzzing google hacking-networks hacking-websites hacking-windows hacking tool Information-Security information gathering Legal Issues malware microsoft network-security Network Hacking Password Cracking pen-testing penetration-testing Phishing Privacy Python scammers Security Security Software spam spammers sql-injection trojan trojans virus viruses vulnerabilities web-application-security web-security windows windows-security Windows Hacking worms XSS

Copyright © 1999–2025 Darknet All Rights Reserved · Privacy Policy