Password-stealing virus targets Facebook users

18 Mar 2010

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

A malicious virus that has taken advantage of Facebook’s own internal email system is targeting Facebook’s 400m users worldwide to gain access to their passwords.

Users receive an email from Facebook urging recipients to click on an attachment to obtain new login credentials. This attachment contains several types of malicious software, including a program that steals passwords.

It is the latest in a number of attacks on the social networking site and its users.

Usually, hackers leverage the internal email system to attack, this new attack uses regular internet email.

Facebook has warned users about the email, advising them to delete it.

The subject line of the email reads ‘Facebook password reset confirmation customer support.’

“This attack on Facebook users highlights the threat that viruses pose to computer users, illustrating how, when posing as a legitimate organisation, hackers can infiltrate systems to get access the data they contain,” said Colm Murphy, director of internet security firm Espion.

“Collectively referred to as ‘malware’, malicious software are software programs which are designed to cause damage to a computer system. A commonly used tool of hackers, malware can be extremely damaging before it is even detected, as it is designed to run undetected in the background.

“The most common sources of infection are: downloading or executing any files from suspicious or unknown sources, opening an email attachment without virus-scanning it first and allowing a ‘friend’ access to your computer while you are away.

“From the moment malware infiltrates your computer, to the time that it makes itself known to you, you could have unknowingly spread it to others. Viruses and worms may corrupt or delete your personal files or may even leave your computer unusable. In this Facebook incident, the malware is designed to find and steal passwords,” Murphy said.

By John Kennedy

Photo: Facebook is advising its users to delete email they receive with the subject line ‘Facebook password reset confirmation customer support’, as it contains malicious software

66

DAYS

4

HOURS

26

MINUTES

Buy your tickets now!

Editor John Kennedy is an award-winning technology journalist.

editorial@siliconrepublic.com