New MySpace and Facebook Worm Target Social Networks

The New Acunetix V12 Engine


Well another reason for you guys (and gals) to avoid social networks, a new worm is spreading. Again they are using the same ploys that have been leveraged for years on e-mail and instant messaging.

Trust is gained as the message or link/video/etc comes from a known source so people are more likely to click/open/play it and infect themselves.

Just because a “friend” sends you something on Facebook or MySpace doesn’t mean you should trust it.

A new worm is spreading via Facebook and MySpace, turning victims’ computers into zombies on a botnet, Kaspersky Lab said on Friday.

Basically, infected machines are propagating the worm by sending messages via the social networks to friends in the network.

The messages look like they contain links to video clips. When clicked on they prompt the recipient to download an executable file that purports to be the latest version of Flash Player. Instead, it is the worm itself, infecting yet another victim.

It seems this one is not just interested in spamming your wall or putting something stupid or embarrassing in your profile.

This social networking worm is another vector for installing an actual executable on your computer and turning your machine into a zombie.

When infected machines log onto the social networks the next time their computers automatically send the malicious messages out to new victims grabbed from the friend list, said Ryan Naraine, security evangelist at Kaspersky.

“We’ve seen these types of worms before, typically around MySpace,” he said. “People are more trusting of things they receive from a friend,” and many people don’t recognize that what they are downloading isn’t a legitimate Flash Player file, but a malicious program.

Naraine repeated the refrain that security professionals have been spreading for years: be careful about downloading anything to your computer, even if it appears to come from a friend; and be diligent about applying security patches to your computer.

The same warnings apply to this as anything else, don’t download unknown executables! Definitely don’t install anything that you didn’t download yourself and have scanned with an up to date antivirus package.

Even if it comes from someone you know it doesn’t mean they actually sent it, you better ask them first if they really meant to send it or they are infected with something.

Source: Cnet (Thanks to Navin)

Posted in: Malware, Privacy, Web Hacking

, , , , , ,


Latest Posts:


Acunetix Vulnerability Scanner For Linux Now Available Acunetix Vulnerability Scanner For Linux Now Available
Acunetix Vulnerability Scanner For Linux is now available, now you get all of the functionality of Acunetix, with all of the dependability of Linux.
Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.


9 Responses to New MySpace and Facebook Worm Target Social Networks

  1. Morgan Storey August 18, 2008 at 12:14 pm #

    Thanks Navin. Interesting, unfortunately this is just more non-it’s getting duped to run something they shouldn’t.

    @Darknet: so where can we submit articles? You have my email address, but I don’t have yours (can’t find it on the site). PS my offer still stands to assist moderating posts, or heck moderate a forum and move most of the post out of comments.

  2. Pantagruel August 18, 2008 at 1:14 pm #

    Again the human factor is put to the test.
    Can he/she resist the temptation of opening the attachment from an unknown source, perhaps these finally do contain X-rated pic of the favorite musician/actor/…

    @Morgan Storey
    Use the Contact Darknet option http://www.darknet.org.uk/contact-darknet

  3. Navin August 18, 2008 at 2:53 pm #

    @ Pantagruel needn’t be a actor/actress……last yr during the soccer world cup, a worm which was titled “|\|ude Soccer World Cup” infected thousands of users who clicked on it

    Guess “|\|ude” is the key word

    BTW Cheers :)

    And I repeat, Damn the Spam filter!!!!!! :(

  4. Morgan Storey August 19, 2008 at 12:15 am #

    @Navin and Pantagruel: A long time ago I had a firewall that created a fake C drive that an attacker would see if they got through, I filled it with a tiny win95 install and in my documents I had Diablo3_secretdemo.exe which was just a renamed virus I had saved and tweaked so that it basically crashed the target and didn’t spread, I only got two skiddies. I watched it in the logs ip blah connected… ip blah change directory, IP blah downloaded Diablo3_secretdemo.exe ip blah uploaded sub7.exe, ip blah dropped connection… hahahah.
    See not all motivators are sex.
    Thems where the days though.

    @Navin: I think a moderated system, or login system would be better.

    @Darknet: I have been checking out your other blogs, and email is on its way with some ot questions.

  5. eM3rC August 19, 2008 at 5:29 am #

    I understand that people will fall for the nude pics or free games but there are also the people that had their kids set up a facebook profile for them or were convinced by their kids to set up an email.

    With this in mind, many people will fall for these scams just because they have no knowledge of the computer world, period. This includes random things they get on social networks to getting basic protection for their computer.

    Knowledge is power and protection, too many people don’t have this :P

  6. Navin August 19, 2008 at 7:32 am #

    Hey which firewall was that?? Would love to take it on a spin….one of my fave pastimes is bugging skiddies who’re constantly on my back!! :)

  7. Morgan Storey August 19, 2008 at 8:24 am #

    @Navin: Your lucky I have a mind like a steal trap, I remembered what it was called, it only defeats the Netbus trojan attack, so you will need to have your firewall open (nat etc), even then I don’t like your chances, this was a worry to me back in 98, but now…
    http://www.megasecurity.org/Security/netbuster1.31.htm

    I just thought of one though, as I have seen a lot of VNC traffic hit firewalls and even servers in the past. Simply create a VM, put the 4.11 RealVNC on it (known vulerability that allows no password to be defined by the client) and on the unlocked desktop put a file that you have constructed to do something nasty, then let them at you :P
    I have a weekend project :P

  8. Pantagruel August 19, 2008 at 8:46 am #

    @Morgan Storey

    True, the possible finding of a yet to appear piece of software will definitely attract attention.

    I’ve had a honeypot running for several month but disconnected it eventually. I got fed up with all the skiddies having a go at it. Our email/web/ssh/etc server still gets attacked twice (on average) a day (ssh brute forcing,dir traverse trials,etc) which gives me enough logs to peruse.

    have phun with your weekend project ;)

  9. Navin August 19, 2008 at 11:31 am #

    10x U Morgan for the link, but this isn’t what I’d initially thought it was :(

    But do report on how Ur “project” turns out!! :)