SCCyberworld

Thursday, October 25, 2012

Offensive Facebook email leads to offensive Blackhole malware attack


Kuala Lumpur, Malaysia, October 25, 2012 –Facebook users are warned to be on their guard against unsolicited emails they might receive suggesting that someone has left an offensive comment about them on their wall.

Hi,
[REDACTED] commented on your Wall post.
[REDACTED] wrote: "you piece of shit!!!"
See the comment thread
Reply to this email to comment on this post.
Thanks,
The Facebook Team

Of course, if you were alert you would hopefully notice that whoever sent out the emails has done a pretty poor job at disguising the message as though it were really from Facebook - take a look at that From: address for instance,
comments@faceb00k.com

But there is always the danger that some computer users will be tricked into clicking on the link.
And if you do make the mistake of clicking to find out more you will not be taken to the real Facebook site, but instead your browser will visit a website hosting a malicious iFrame script detected by Sophos as Mal/Iframe-W. Within seconds, your computer will find itself put at risk of malware infection via the notorious Blackhole exploit kit.

You may not notice, however, as the cybercriminals have redirected your web browser to a Facebook page which acts as a smokescreen to the attack.
There is no suggestion that the owner of this Facebook page is in anyway related to the malware attack.
Please remember to always be on your guard. You would have been protected from this threat if you had kept your wits about you.

Even if you didn't notice that "Faceb00k" was spelt incorrectly, you could have seen by hovering your mouse over the link that it wasn't going to take you directly to the genuine Facebook website.

Said Graham Clulely, Senior Technology Consultant at Sophos “Obviously, it's also very important to run up-to-date anti-virus software and keep your computers patched against the latest vulnerabilities.

“If you don't take the right steps to protect your computer, one day a cybercriminal might find the right social engineering trick to dupe you into making a bad decision or visit a dangerous website.”

No comments: