SHARE
A Malware on the Facebook is running nearby you, which redirect users to a spoofed page of the Social Network and it claims to be a part of Facebook security check feature.
This Malware is revealed by Trend Micro and detected as TSPY_MINOCDO.A.
It does this by redirecting all traffic to facebook.com and www.facebook.com to the system itself (using the affected machine’s HOST file). This ensures that the user can never reach the legitimate Facebook pages. At the same time, the malware is monitoring all browser activity and redirects the user to the malicious site.
The Spoofed page is trying to make fool users and asking them for entering their details and credit card information, which will be sent to Hacker and that’s all your credit card will be exposed.
Here is the Screenshot of that Spoofed Page:

 

Click to Enlarge
How it sends the Info to malicious server:
Malware report from Trend Micro:

According to Trend Micro blog post they also discovered that the malware performs DNS queries to several domain names. What this means that the people behind this are prepared for server malfunction and has a backup to continue stealing information.

It is an Executable Malware which will automatically runs on System Startup so it will affect multiple users on Systems.
Always keep in your mind that social networking websites would never ask for your credit card or online banking account details for verification.

3 COMMENTS

  1. […] access to some of users’ most valuable information, including passwords, email messages, and even credit card information. Modern malware has begun using viruses as a stepping stone to infecting victims. A great example […]

LEAVE A REPLY

This site uses Akismet to reduce spam. Learn how your comment data is processed.