Social users targeted with new malware

August 28, 2012

Social media sites, like Facebook, are intended to connect people together in the cloud. When malware takes advantage of social users and threatens their security, users should take preventative measures.

Sophos Lab recently reported a new malware that can put users at risk. Hackers are sending emails to users with Facebook accounts, which includes a Facebook photo notification with an attachment. The malicious email also claims that the recipient was tagged in the photograph by a friend.

The subject line of the email reads, "Your friend added a new photo with you to the album," according to Sophos Lab. The body of the email reads, "Greetings, One of Your Friends added a new photo with you to the album. You are receiving this email because you've been listed as a close friend. [View photo with you in the attachment]."

The ZIP file attachment has been identified as a Trojan horse malware called Troj/Agent-XNN. This specific malware grants hackers access to a user's computer that runs on Windows.

Social users should be reminded that a real notification from Facebook names the friend who tagged the recipient in a photo or post. If the email does not list the friend, he or she is encouraged to delete the email.

Facebook endured a similar problem last month, when emails containing a false photo tag notification offered a link to an infected website.

Social media users should be aware of the emails that they open. Monitoring email can ensure data protection and prevent hackers from controlling a computer. If some people are tempted to open an unknown file, they should heed Sophos Lab's warning and double check they are not unleashing a malware.

-McAfee Cloud Security