All the latest UK technology news, reviews and analysis

Bogus Facebook page uncovered spreading Infostealer malware

10 Oct 2013

Security researchers have spotted a bogus Facebook page duping victims into downloading data stealing malware.

Symantec researchers Avdhoot Patil and Daniel Regalado Arias reported uncovering the scam in a public blog post, warning the criminals are using the site to mount a two-pronged attack against their victims.

"The phishing site boasted that the application would enable users to view a list of people who visited their profile page. The site offered two options to activate the fake app. The first option was by downloading software containing the malware and the second was by entering user credentials and logging into Facebook," read the post.

"A message on the phishing page encouraged users to download the software that would allegedly send notifications to the user when someone visited their Facebook profile. If the download button was clicked, a file download prompt appeared. The file contained malicious content detected by Symantec as Infostealer. On the other hand, if user credentials were entered, the phishing site redirected to a legitimate Facebook page."

The researchers highlighted the use of the malware as particularly troubling as it has the potential to grant the criminals several espionage and data theft powers.

"Symantec analyzed the malware and found its behavior to be as follows: The malware consists of two executable files that both perform the same action. The files are added to the registry run key, which execute after every reboot. The malware sets up a keylogger in order to track anything that the victim types," read the post.

"Then, it will check if there is internet connectivity by pinging If there is connectivity, the malware will send all information gathered to the attacker's email address. Symantec observed that the email address has not been valid for three months and hence the malware is not able to send updates to the attacker at the moment."

Phishing attacks have been a growing problem facing UK Industry. Prior to the new attack's discovery Kaspersky Lab reported the number of phishing messages hitting UK web users has tripled over the last year, with crooks targeting an average of 3,000 Brits every day.

The sophistication of the attacks is also believed to be growing with criminals constantly creating new inventive ways to spread malware. Earlier in the year Sophos researchers reported uncovering a new phishing message loaded with a malicious Google Doc targeting Gmail users.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus

Devices at work poll

Which device do you use most for work?

Popular Threads

Powered by Disqus
LG G Flex 2 hands-on review

CES 2015: LG G Flex 2 video

A closer look at LG's latest curved-screen smartphone

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging


Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

Front End Developer

(Tank Recruitment, Web Developer, PHP, MySQL, HTML, CSS...

Technical Application Migration Specialist

Technical Application Migration Specialist The University...

Pensions Analyst/Administrator/Officer

A Pensions Administrator required for this leading FTSE100...

Change BA

'Customer Connect urgently needs to identify the key...
To send to more than one email address, simply separate each address with a comma.