|
tmy
|
 |
« on: August 23, 2011, 05:29:59 AM » |
|
 everyone,just want to warn people to be careful when clicking on a friends request, read on .............................
ZBot malware variant spreading in Facebook Be warned of a variant of the ZBOT malware that uses domain-generation techniques to extract data from victims' computers, The message bears a link that the user must click to approve the friend request. Clicking the said link, however, will only lead to a page informing the user that they need to install the latest version of Adobe Flash Player in order to proceed. Unsurprisingly, the downloaded file is not the Adobe Flash Player installer, but a malicious file detected as TSPY_ZBOT.FAZThe TSPY_ZBOT.FAZ, like most ZBOT variants, connects to a certain site to retrieve a configuration file that contains URLs the malware will monitor. The malware will use the URLs specified by the configuration file to steal credentials and related data.But unlike other ZBOT variants that use a present URL, TSPY_ZBOT.FAZ randomly generates a URL, depending on the system's current date. While this is not the first time ZBOT variants used domain-generation algorithms, using Facebook will potentially fool unsuspecting users.
This usage of the most popular social networking site, however, will definitely hook more unsuspecting users. Well you have been warned enjoy your facebook and relax but just be aware. Hope this helps to keep you guys clean so to speak take care.
 tmy 
|
