Social users target of IM malware attack

August 30, 2012

Amidst a string of spear phishing attacks, a new malware has been reported that targets social media users through instant messaging services.

Referred to as a botnet, the malware spreads via Facebook chat, Skype and Windows Live Messenger, among other services, and claims to be a video link sent by a Facebook friend, according to the online publication, The Next Web.

Once the computer is infected, the malware sends new instant messages through chat services, which can then spread the malware to more computers.

According to The Next Web, an Ajax command makes the malicious file look like a video sent from a Facebook friend. If a recipient of the spam clicks on the link, the hacker can take control of the computer.

The malware has the ability to either move around the Windows Firewall via the command "netsh firewall allowed program," or update the firewall policy to include its name. The malware then copies itself onto the computer and hides the file either in the windows, public or program files folder.

Spear phishing
Another malware attack recently targeted Facebook users through malicious emails claiming that a friend tagged the recipient in a photograph on Facebook. The rise in spear phishing attacks could be caused by hackers' abilities to access personal information through social media sites and the ability to target a large amount of people at a time.

"Automating these attacks is easier than before," Johannes Ullrich, chief research officer at SANS Institute, told Forbes. "Having millions of users connected to the same [programming interface] creates a rather easy opportunity to harvest this information."

Block hacker attempts
Facebook has been taking measures to prevent these types of attacks. In a statement to Forbes, Facebook said it built enforcement mechanisms that shut down a page or account if it is suspected to be malware or spam. Facebook also plans on placing "backend measures" to prevent these attacks in the future.

Experts recommend avoiding unknown links if a user does not know the person who sent it, or if the friend denies sending a link. Social users should also deny friend requests if they do not know who the person is.

As the number of malware attacks increases, people should take precautions when opening unknown emails to ensure security in the cloud.

-McAfee Cloud Security