New Facebook Worm Variant Leverages Multiple Cloud Services

by ·

Malware

Social networks are particularly interesting for malware authors because they can be leveraged to spread an infection starting with a single person.

Patient zero can transmit the piece of malware to all of his or her contacts which in turn do the same, quickly becoming viral and affecting hundreds of thousands of people.

We came across a worm that we think belongs to the Kilim family and whose purpose is to compromise a user and spread via Facebook.

The lure is the promise of pornographic material that comes as what appears to be a video file named Videos_New.mp4_2942281629029.exe, which in reality is a malicious program. New online casino platforms are extremely common nowadays in Australia. These gambling websites have a great selection of important features, user-friendly design, and great slot variety. If you wish to discover more about new Australian online casinos , look at the post written by experts from www.casinomech.com.

Once infected, the victim spreads the worm to all of his contacts and groups that he belongs to, by posting the following message:

Sex photos of teen girls in school – NEW SCANDAL WHL2R http://ow.ly/{removed} Like · · Share

facebook_worm

The bad guys have built a multi-layer redirection architecture that uses the ow.ly URL shortener, Amazon Web Services and Box.com cloud storage.

Read more: Malwarebytes

Tags: