All the latest UK technology news, reviews and analysis

Bogus Facebook page uncovered spreading Infostealer malware

10 Oct 2013

Security researchers have spotted a bogus Facebook page duping victims into downloading data stealing malware.

Symantec researchers Avdhoot Patil and Daniel Regalado Arias reported uncovering the scam in a public blog post, warning the criminals are using the site to mount a two-pronged attack against their victims.

"The phishing site boasted that the application would enable users to view a list of people who visited their profile page. The site offered two options to activate the fake app. The first option was by downloading software containing the malware and the second was by entering user credentials and logging into Facebook," read the post.

"A message on the phishing page encouraged users to download the software that would allegedly send notifications to the user when someone visited their Facebook profile. If the download button was clicked, a file download prompt appeared. The file contained malicious content detected by Symantec as Infostealer. On the other hand, if user credentials were entered, the phishing site redirected to a legitimate Facebook page."

The researchers highlighted the use of the malware as particularly troubling as it has the potential to grant the criminals several espionage and data theft powers.

"Symantec analyzed the malware and found its behavior to be as follows: The malware consists of two executable files that both perform the same action. The files are added to the registry run key, which execute after every reboot. The malware sets up a keylogger in order to track anything that the victim types," read the post.

"Then, it will check if there is internet connectivity by pinging If there is connectivity, the malware will send all information gathered to the attacker's email address. Symantec observed that the email address has not been valid for three months and hence the malware is not able to send updates to the attacker at the moment."

Phishing attacks have been a growing problem facing UK Industry. Prior to the new attack's discovery Kaspersky Lab reported the number of phishing messages hitting UK web users has tripled over the last year, with crooks targeting an average of 3,000 Brits every day.

The sophistication of the attacks is also believed to be growing with criminals constantly creating new inventive ways to spread malware. Earlier in the year Sophos researchers reported uncovering a new phishing message loaded with a malicious Google Doc targeting Gmail users.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus

BYOD vs CYOD vs BYOC poll

Which approach is your firm taking to managing employees' mobile devices?

Popular Threads

Powered by Disqus
Sony Xperia Z2 Tablet powered by Android KitKat 4.4

Sony Xperia Z2 Tablet video

We take a look at the lightweight, waterproof tablet

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Data protection: the key challenges

Deduplication is a foundational technology for efficient backup and recovery


iPad makes its mark in the enterprise

The iPad can become a supercharged unified communications endpoint, allowing users to enhance their productivity

Project Manager - Business Transformation - Taunton

Austin Fraser are searching for a Project Manager for...

Project Manager - Business Transformation - Taunton

Austin Fraser are searching for a Project Manager for...

Greenfield C++ Developer/ Engineer, London

Greenfield C++ Developer/Engineer, London Skills...

Software Development Engineer

Develop: Customise: Configure. Maximise your technical...
To send to more than one email address, simply separate each address with a comma.