Gamez and Gadgetz

Fortinet, a company dedicated to the corporate security market, announced that it has detected a malicious Facebook worm 2009 that uses Google Reader (an application to organize and access your most visited websites) and Picasa, so users have access to download the code malicious on their computers.

This new threat .- Mouse works with a video that contains malware that is distributed through the Facebook worm that uses social engineering to obtain confidential information from users who are redirected to the site outside of Facebook Google Reader or Picasa.

Since late July 2008, the worms were attacking Facebook users have been detected in several sites. The strategy was simple but effective: a malicious message is sent to the infected user’s friends, inviting them to visit a page containing a video, something very common in today’s era of Web 2.0. However, if users follow the link, you will soon realize that the video does not start, unless you install a special codec, how it is requested by the page. The codec is just a Trojan horse, which contains several pieces of malware, including a copy of the worm.

This “leap” through Google Reader or Picasa serves a basic purpose: it gives the user the feeling that the video is saved on Google, which means that it should be safe. This, plus the fact that “the message is from a friend” does diminish the care of the user, and increase the chances of downloading malicious code.

Some council to keep in mind:
1. Be careful with messages containing a link.

2. If you find any such message, ask yourself if you’re reading a message is who he claims to be. In fact, it is very easy to distinguish which messages are from people who know and imitators, as the writing style of the people can not be imitated by worms.

3. Monitors the content of the videos. Much of the social engineering used in social networks is based on bringing the victims to watch a video. You must bear in mind that online videos share a very common format (eg flash), so if you usually watch videos on youtube or dailymotion, we would not need an additional plug-in or codec. Very important: the codecs that come in the form of executable setup files are, in this context, Trojans.

4. Do not surf the Web with a system that does not have security updates. Often, those malicious end-points carry notices Web browser to run the trojan on your system without you realizing it and without your interaction. This does not happen if your browser is updated. This is preferable to switch browsers, thereby reducing the area of operation on your computer.

5. If you’ve been tricked by the virus, virus protection can save you. Please note that a combination of antivirus and Web content filtering protection create a stronger, if the malicious site is placed on the blacklist in the Web filtering, antivirus is not necessary for the attack fails.

Popularity: 17% [?]