Friday, August 15, 2008

BeAware of new Facebook Virus

Facebook virus infecting 'Friends' lists

Warning to all Facebook users: a new virus is going around that appears to infect the Facebook users' Friends lists. It sends out an email message with a link that asks you to download a plug-in to view a video. One word: don't.

I've received this email message, or a variation of it, from Facebook "friends":

Jeff sent you a message.

Subject: Hey friend. "You've been catched on hidden cam, yo."

As with any other email you receive within Facebook, users will get this message in their Facebook email inbox as well as their default email program, such as Outlook or Outlook Express.

Following this messages is a long URL (website address) that, when clicked, takes you to what appears to be a YouTube video. This is not YouTube. When you click the video to begin, a message pops up and says you first need to download a newer Flash player to play the video. Do not do this. It's a virus.

Symantec's Norton Antivirus software has flagged this as a "high risk" Infostealer.Gampass virus. More info on this particular Trojan vius is here. (Note: Symantec warns the risk level is "low," since it originated in 2006, but this new Facebook email is a new iteration of the same virus.)

You might be inclined to click on this link because it's from a friend, but they did not intentionally send it to you -- and yes, their Facebook photo is attached, too.

What to do if you downloaded the virus?

Unfortunately, there's no quick fix if you run this virus, says Marc Fossi, manager of system development, at Symantec's security response team:

"The Trojan is not new -- it’s only the attack mechanism that is. Clicking the link won’t infect anyone. The threat is only installed if the user downloads and executes the “codecsetup.exe” file he refers to. Since Gampass can also download and install other threats onto the computer there is not a single disinfection procedure available. The user should download the latest virus definition files and run a full scan of their computer. Always keep antivirus definition files up to date is the only thing that will warn the users ahead of time. This doesn’t exploit a vulnerability so there isn’t a patch available. But the full system scan should disinfect Gampass and any other threats it downloads and installs."


2 comments:

Alex said...

I heard about not bad application-fix outlook inbox, can be work with damage data in Microsoft Outlook, possible it may recover corrupted contacts with are sharing it, also do something read (detect and recover) data from the selected *.pst file, work with storing emails, business and personal contacts, as well as other important information, such as appointments, tasks and notes.

Shoaib Yousuf said...

Alex,

Interesting.

I will do further investigation on this one..

Thanks for sharing.

Cheers

Shoaib