12345

5/03/2011

[Warning] Facebook malwares related Osama Bin Laden

1. Introduction

With death of Osama Bin Laden in Al-Qaeda, scam like of malicious applications on Facebook using social engineering is prevalent.
Main purpose of this malicious application is AD for certain another application.

To maximize its Advertising, distributor decided to use the news about death of Osama Bin Laden for using social engineering. Besides, if infected, this will automatically write on his friends' wall including infectable link.
Therefore, users who usually use Facebook need special attention.



2. Spreading path and symptoms of infection

You can see this following image in Facebook.



With the process from "STEP 1 ~ STEP 3", infected user's wall will be written about that post, and "Request for Permission" window will appear to allow advertising, distribution, and posting.



Clicking "Allow" will grant some permission and show this figure as following.
Clicking "Play Games Win Coins NOW!" button in red box, the page will be moved about that social game page.


In here, you can play Facebook's social game.



This can generate related post on the user's or user's friends' wall.


Of course, even though granted permissions haven't damaged user so far, with the rising of security threats, we have to remove any possibilities of being infected.



3. How to prevent

In case of this kind malicious files can be distributed as an attachment on e-mail related the death of Osama Bin Laden including image, video or any links. Check the references below.

[Account] -> [Account Settings] -> [Applications] -> Click "Edit" in where you want to remove -> Remove app



* Furthermore, these malicious files related death of Osama Bin Laden are emerging these days as following.





[Osama Bin Laden Death Scams]
http://ericamos.com/5-4-3-2-1-osama-bin-laden-death-scams/
[May 3 CVE-2010-3333 DOC Courier who led U.S. to Osama bin Laden's hideout identified ]
http://contagiodump.blogspot.com/2011/05/may-3-cve-2010-3333-doc-courier-who-led.html
[Blackhat SEO and Osama Bin Laden's death]
http://www.securelist.com/en/blog/6202/Blackhat_SEO_and_Osama_Bin_Laden_s_death
[Yes, Fotos_Osama_Bin_Laden.exe is Malware]
http://www.f-secure.com/weblog/archives/00002152.html

To keep safe from this kind of malicious file we recommend user obey the safety precautions as following :

Security management tips

1. Maintain the latest security update on OS and applications
2. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function
3. Be careful on clicking shorten URL.
4. Download applications from its official site directly.

INCA Internet (Security Response Center / Emergency Response Team) provides diagnosis/treatment function such as malicious file stated above and runs responding system against various security threats.

No comments:

Post a Comment