This time, bad guys still use a not-new-script, which is spreading poisonous links though social networking site Facebook to cheat users into accessing phishing, malicious websites.
The new trick of this campaign is the faking of YouTube plugin for Firefox and Chrome browsers. This shows hackers’ investment, close following-up and continuous changes.
Hackers convince users that they have to install the plugin to be able to watch the video.
Once users agree to install the fake plugin, their Facebook accounts will become poisonous spam link resources with their friend’s walls. Of course, the culprit is definitely the plugin they have just installed.
Back to history, if you have read our older blog entries about the spreading of poisonous code though Facebook, it’s easy for you to picture out the development in hackers’ methods. First, hackers registered domain name similar to Facebook’s and “waited” for users’ mistyping. Then, they changed to entice users into running javacript in the address bar of their browsers. And this time they make users install fake YouTube plugin for Firefox or Chrome. Hackers always invent new methods once users have been aware of and got to be watchful towards the old methods. Therefore, the best way to avoid falling into hackers’ traps is to enhance our own vigilance of shared or received links. At the same time, it’s advisory that users install strong antivirus software to make their computers comprehensively protected.
Nguyen Cong Cuong
Senior Malware Researcher