Facebook is said to be the largest social networking site but now a day’s Hackers easily targeting victims through Facebook and this is also true that Facebook becoming the Largest Malicious link distribution site.
In our Last report on 6th May 2013, a malicious link was targeting Facebook users and hijacking their online accounts and just now we again tracked a Facebook Page which is distributing that malicious link again from various domain names.
First you should check the Image in which the malicious link claims to give you the details “Who Visited your Profile”:
As you can see in the above image the post is saying:Are you curious to know Who visited your profile?You can do it now!!!Just click the link below
The link in the above post ends with .TK and this domain is registered from Tokelau (a territory of New Zealand in the South Pacific Ocean)
The “Facebook page” hacker using for distributing the malicious link:
- https://www.facebook.com/pages/Lydite-5/118919718314459 (Don’t try to visit this link)
The above page was made by hackers just 12 Hours ago, Last time hackers were using another page and it seems that every week hackers are using various new pages to distribute these malicious link.
After a chat with a user who shared this, he said he didn’t post that link it is automatically, so might be hackers have hijacked many online accounts through these Malicious links.
Activity of Users on that links in the Last 12 Hours:
- LIKES – 5639
- SHARES – 1460
Various domain names Hackers using:
Impact of this Malicious Link
- Your complete activity will be monitored and all your information will be sent to the hackers.
- It will automatically start on system startup.
- It works like a Keylogger
- Can hijack your online accounts, you use on that Browser you have installed the add-on.
Some Important points:
We also checked the Malicious link on the Chrome, Internet Explorer and Opera, we find the activity of this Malicious link different on every browser, because on Mozilla gives the .XPI file which is used for extension of Mozilla add-on, This Malicious link automatically detect your browser and gives you the different file downloads.
- On Chrome- it gives you .exe file
- On Mozilla- it gives you .XPI File
- On Internet Explorer- It gives you .EXE File
- On Opera- It give you .EXE File
After scanning that XPI file on virustotal we find that, it can be really dangerous because it is only detected by 3 Antivirus (Sophos, ESET-NOD 32, AntiVir).
Safety Tips:
- Always use Antivirus for your computers
- Beware of all these suspicious links before you click on that, if ever you click so watch out the URL.
You can check our last report on this malicious link, in which we explained with screenshots how the link will be installed as fake Adobe Flash Player browser add-on on your system and after that it will monitor your online activities and your keystrokes also.
Sites we Like……
[…] Every once in a while we choose blogs that we read. Listed below are the latest sites that we choose […]……