The Latest in IT Security

Christmas Theme for Facebook Profile Leads to Malspam

24
Dec
2011

Attacks that use the holidays as a social engineering lure are starting to pour in as the Christmas day draws near. We recently found a page on Facebook that offers a Christmas theme on one’s profile. The page leads to a malware that comes in the form of browser plugin.

Once users click the Like button, the page redirects them to a URL which allows victims to download and install a malicious plugin named Free Cheesecake Factory Coupons.

What the plugin does is that it floods affected users’ walls with the catchy status, Get Christmas Theme for FB on – – >>0< < – – free Christmas Theme for all FB users!!. Just Install this amazing new fb Christmas new look and change your profile looks show it to your friends.. [Name of tagged friends]

Note that the plugin only works for all browsers, which is detected as TROJ_REDIR.CU.

Users need to be extra vigilant this holiday season, since cybercriminals are surely to continue launching attacks that use the holiday season as a lure. For more information on how to keep themselves protected, we recommend users to check the following reports:

As for the attack explained above, users are already protected through file detection and URL blocking done by the Trend Micro Smart Protection Network.

Leave a reply


Categories

FRIDAY, MARCH 29, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments