Tuesday, February 21, 2012

Phony Facebook Notification Spam Delivers Keylogger Malware

Warning: Fake Facebook Email AheadHave you ever wondered what it’d be like having a keylogger installed on your machine, relaying every single one of your keystrokes to a remote server for some cybercrook to put to not-so-good use?

If your answer is "no", then it would be in your best interest to delete any vague emails that ask you to download Silverlight in order to read changes related to your Facebook account information.

Security researchers at BarracudaLabs stumbled across a spam email titled, “Your account information has been changed” that contains nothing more than a single image welcoming you to ‘Click now to install’ Silverlight has quite the nasty surprise hiding behind it.

Facebook Notification Spam

Image Credit: BarracudaLabs

“If you take your time and examine the destination of that link you’ll see that the real payload is a .PIF file from an IP address in Malaysia." BarracudaLabs researchers explained, “PIF files are Windows executable files, and in this case the executable that is actually sent is Trojan.Win32.Jorik.”

The real scary stuff begins once you click ‘Run’ and unleash Jorik onto your computer. Every single keystroke and all of your web browsing history - including the web page title - will be recorded to a disk file and uploaded to a remote server.

To keep their PC safe, secure and malware-free, users should avoid downloading software advertised in spam and run up-to-date antivirus software.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+.

No comments:

Post a Comment