Saturday November 22, 2008 11:40 AM AEST

SC Magazine Australia/NZ > News > Vulnerabilities & Exploits > Malware > Storm spoofs FBI via Facebook

Vulnerability Alerts

SANS

Microsoft

Microsoft Security Bulletin Summary for November 2008
MS08-069 – Critical: Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218) - Version:1.0

CERT/CC

Latest Comments

"when i login to face book it tells me i am cookies enabled what does this mean"

on Ads on Facebook serving up adware

by celeste | Nov 21, 2008 5:15 PM

"Hi this is the mail I received Brett Karpman show details Nov 17 (3 days ago) Reply Atten..."

on Yahoo and Microsoft take aim at lottery scams

by Rodney Churchyard | Nov 20, 2008 6:13 PM

"security through obscurity...shows how detached HIPAA is from reality."

on Privacy breaches causing business instability

by priceOfFishInChina | Nov 20, 2008 1:19 PM

"Umm. no. The 6.5 product is mounting the offline VM image and performing a scan for patch ..."

on Shavlik Technologies to broaden its patch management offerings

by eric | Nov 20, 2008 8:15 AM

"it's great i tried it"

on McAfee offers free trial of security appliance

by divyacharan | Nov 20, 2008 12:24 AM

Malware

Storm spoofs FBI via Facebook

By Shaun Nichols
Jul 30, 2008 10:32 AM
Tags: Storm | spoofs | FBI | facebook

The malicious botnet is now attempting to recruit new members by hiding its malware within a fake news story about the FBI and Facebook.

The spam messages contain such headlines as "F.B.I. may strike Facebook," F.B.I. are spying on your Facebook profiles" and "Facebook’s F.B.I. ties."

Upon attempting to view the supposed video of the article, the user is presented with an executable file, which in turn infects the user and ads the PC to the massive Storm botnet.

Researchers at security firm Sophos first discovered the spam run early yesterday. According to Sophos, this is the third campaign from Storm within a week.

The other attacks include fake stories on a new North American currency known as the "Amero" and a run of fake greeting cards.

The attacks are very similar to another spam run Storm made earlier this month. In that attack, Storm's creators fabricated a series of stories about the United States invading Iran and attempted to trick users into installing the trojan by disguising it as a video file.

The US Computer Emergency Response Team is encouraging users to avoid opening suspicious email attachments and keep updated anti-virus software.

Ads by Google

Thoughts on this article? Add a comment below.

Be the first to comment on this article.

Report this comment as offensive:

* Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.

Name:

Email:

(will not be displayed)

Comment:

(HTML not permitted)

Validation

Enter the code you see below:

Most Read
Most Discussed
Latest News

Vulnerabilities & Exploits Whitepapers

Storm spoofs FBI via Facebook

Sponsored Links

SC MAGAZINE SITEMAP

CATEGORIES

News

Alerts

Products

Stats

Blogs

Photo Galleries

Whitepapers

Events

Jobs

Downloads

Vulnerabilities & Exploits

Breaches & Exposures

Messaging

Mobile

Access Control

Biometrics & Forensics

Legal

Risk Management

Job Centre

Patch Management