Facebook worm poses as two blonde women

by Graham Cluley on November 29, 2011 | 4 Comments

Filed Under: Facebook, Malware, Social networks

Blonde womanIf you're a Facebook user be on your guard against the latest worm reportedly spreading on the system.

First identified by Danish security researchers at CSIS, the worm appears to have been spread via malicious links on the social networking site.

The danger, of course, is that one of your Facebook friends may have had their account compromised (maybe they were sloppy with their password security, or gave access to a rogue application) and you might be tempted into clicking on a link seemingly posted by them.

Although the links pretend to point to an image, the truth is that a malicious screensaver is lurking behind an icon of two blonde women:

The malicious file has an icon of two blonde women

When the code is run it attempts to download futher malware hosted on a compromised Israeli website.

At the time of writing, the malware is not present on the Israeli website (all that remains is a message seemingly from the hackers), but it is very possible that they are using additional websites to spread their malware attack.

Hacked website

Sophos products detect the malware as the Troj/Dloadr-DKK Trojan horse. If your PC becomes infected it is possible that you also have other malware on your computer, some of which may attempt to steal your banking information or compromise your PC in other ways.

Make sure that you keep informed about the latest malware attacks, scams and other threats on Facebook. Join the Sophos page on Facebook, where over 150,000 people regularly share information on threats and discuss the latest security news.

Tags: ,

4 Responses to Facebook worm poses as two blonde women

  1. Eric says:
    November 29, 2011 at 5:52 pm

    The threat is identified, and plenty of details are included, but how is this initially manifested in the FB user's interface? What do you see on your FB page, and what actions should be avoided? A bit more detail in this area would help those like me who aren't sure.

    Reply Report comment
  2. guest says:
    November 29, 2011 at 6:05 pm

    I presume this threat is for Windows PCs. It would be appreciated if these articles could indicate to what extent these threats are a problem for Mac OS X or Linux/BSD users as well.

    Reply Report comment
  3. wmlbrown says:
    December 5, 2011 at 6:41 pm

    That's because most Windows users are unaware there is anything else.

    Reply Report comment

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <pre> <q cite=""> <strike> <strong>

About the author

Graham Cluley has worked in the computer security industry for more than 20 years, developing anti-virus software and doing quite a lot of talking about internet threats. He's won awards for his blogging, but is proudest of the text adventure games he wrote when he was still wearing short trousers. You can learn more about those (the games, not the trousers) at grahamcluley.com. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.