IMG6224 Trojan pretends to be an image in Facebook chat

Chatting has always been a major source of infection, given its characteristics lending itself to sending malicious links camouflaged in flashy messages. In recent years, Microsoft's MSN has been one of the messengers most used by cybercriminals, although all of them have been used to infect more or less.

In this sense, one of the most ingenious worms that I have seen was discovered by BitDefender last year, it spread through Yahoo Messenger and Skype, reaching automatically chat with victims and then send them a link to the malicious download.

Today the picture remains the same, although there is a new giant that has long been the target of attackers, I mean Facebook. Your chat has been used in various ways to infect and send spam, from applications that request your access, to scripts that, when executed innocently in the browser, send messages to all friends.

The following is an example of malicious message which has been detected by G Data with variants in German and English:

Spam chat and fake photo which is actually an .exe

The message includes a link that downloads a alleged photograph, the file is actually a executable but at first glance, without the Windows extensions enabled, it looks like a common image file.

When the victim double-clicks to open it error message is displayed, as if the image was damaged. In the meantime the computer is infected:

False error window generated by the Trojan

These types of attacks are increasingly common on Facebook and on social networks in general, they are usually very effective, especially when an infected user spreads the message among all his contacts. In a matter of minutes, hundreds of users receive the messages and many of them fall into the trap, further spreading the threat.

Must have caution with Facebook chat and not follow links that are strange or that are published without prior notice, although a well-known friend sends them, we must ask them what it is and why they send it since their account could be compromised and being used to send spam.

See also:

I dedicate it to you, messenger worm that looks like an mp3.

Look at this photo … worm that sends messages like Facebook photos.