Malicious Hackers Use Facebook Wall for Malware Attack

August 7, 2008 – 9:38 PM

Facebook users are being targeted by malicious hackers through postings on the popular Wall section of the social-networking site, security company

Sophos said Thursday.

The Wall, a core feature of Facebook profile pages, is used by members to leave each other messages that in addition to text can also contain photos, videos, music and links to Web sites.

The malware attack comes in the form of a Wall message supposedly posted by a friend that urges members to click on a link to view a video on a Web site supposedly hosted by Google, said Graham Cluley, senior technology consultant for Sophos.

However, the link takes users to a Web page that isn’t hosted by Google, where they are told they need a new version of Adobe’s Flash player and are urged to download an executable file to watch the video.

The file is really a Trojan horse, Troj/Dloadr-BPL, that funnels other malicious code detected as Troj/Agent-HJX into users’ machines. Once it has done that, it displays an image of a court jester sticking his tongue out.

Source:
http://www.pcworld.com/article/149559/2008/08/.html?tk=rss_news