Main purpose of this malicious application is AD for certain another application.
To maximize its Advertising, distributor decided to use the news about death of Osama Bin Laden for using social engineering. Besides, if infected, this will automatically write on his friends' wall including infectable link.
Therefore, users who usually use Facebook need special attention.
2. Spreading path and symptoms of infection
You can see this following image in Facebook.
With the process from "STEP 1 ~ STEP 3", infected user's wall will be written about that post, and "Request for Permission" window will appear to allow advertising, distribution, and posting.
Clicking "Allow" will grant some permission and show this figure as following.
Clicking "Play Games Win Coins NOW!" button in red box, the page will be moved about that social game page.
In here, you can play Facebook's social game.
This can generate related post on the user's or user's friends' wall.
Of course, even though granted permissions haven't damaged user so far, with the rising of security threats, we have to remove any possibilities of being infected.
3. How to prevent
In case of this kind malicious files can be distributed as an attachment on e-mail related the death of Osama Bin Laden including image, video or any links. Check the references below.
[Account] -> [Account Settings] -> [Applications] -> Click "Edit" in where you want to remove -> Remove app
* Furthermore, these malicious files related death of Osama Bin Laden are emerging these days as following.
[Osama Bin Laden Death Scams]
http://ericamos.com/5-4-3-2-1-osama-bin-laden-death-scams/
[May 3 CVE-2010-3333 DOC Courier who led U.S. to Osama bin Laden's hideout identified ]
http://contagiodump.blogspot.com/2011/05/may-3-cve-2010-3333-doc-courier-who-led.html
[Blackhat SEO and Osama Bin Laden's death]
http://www.securelist.com/en/blog/6202/Blackhat_SEO_and_Osama_Bin_Laden_s_death
[Yes, Fotos_Osama_Bin_Laden.exe is Malware]
http://www.f-secure.com/weblog/archives/00002152.html
http://ericamos.com/5-4-3-2-1-osama-bin-laden-death-scams/
[May 3 CVE-2010-3333 DOC Courier who led U.S. to Osama bin Laden's hideout identified ]
http://contagiodump.blogspot.com/2011/05/may-3-cve-2010-3333-doc-courier-who-led.html
[Blackhat SEO and Osama Bin Laden's death]
http://www.securelist.com/en/blog/6202/Blackhat_SEO_and_Osama_Bin_Laden_s_death
[Yes, Fotos_Osama_Bin_Laden.exe is Malware]
http://www.f-secure.com/weblog/archives/00002152.html
To keep safe from this kind of malicious file we recommend user obey the safety precautions as following :
Security management tips
1. Maintain the latest security update on OS and applications
2. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function
3. Be careful on clicking shorten URL.
4. Download applications from its official site directly.
1. Maintain the latest security update on OS and applications
2. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function
3. Be careful on clicking shorten URL.
4. Download applications from its official site directly.
No comments:
Post a Comment