Hacker’s favorite target is Facebook to distribute Malware through the suspicious links, we already reported many times about this issue that Hackers taking advantage of this line “Click Here To Who Visited Your Profile” and distributing the Suspicious link which authenticate user to install a Malicious browser add-on.
Everyone is ready to see who visited their profile and clicking on the malicious link because we were monitoring the Malicious events and on every refresh people who are going to attend the event is increasing.
If you will click that Malicious link:
You will be redirected to a webpage which has a background similar to facebook and claiming:
- Instantly see who is viewing your profile
- Check how many photo views you have
- It’s completley FREE
The page also has an option CONTINUE, after clicking on continue a file will be downloaded named- Profilevisitor.exe and the page will authenticate you to install the add-on, which is a Malicious one, so Beware of such Bogus Stuff on Facebook which redirect you to the other URL and other fact in this, the Malicious page uploaded to Amazon CloudFront which is a web service for content delivery
After reporting the Facebook many times they didn’t respond about this and it seems that don’t have time to secure people and on the other hand they have much time to give access our data to CIA without informing us.
Why Hackers using CloudFront?
A main reason behind the use of Amazon service Cloud Front could be the assurance about the online security to people who doesn’t have much knowledge & awarness about the security, even the CloudFront alexa ranking is also high and many of the people also watch out the alexa rank to identify the website.
How this Malicious link is being circulated over Facebook?
This is circulated by a high-profile Hackers network because it is on a large scale, as many of the normal users are handling an event named Click Here To Who Visited Your Profile and they even don’t know that they are the event manager, it is possibility that hacker might be accessed their info through any facebook app installation which allowed them to access their account and many of the users posting the image we provided below and also it automatically tags people in the friend list, after that we personally talked to them and they said NO, we didn’t post that.
Image circulating over Facebook: 
How it can be stopped?
It only can be stopped by the Facebook because they have to check out the issue and block that URL which redirecting people to an html page which has a background similar to facebook.
We already reported 2 times about this malicious link:
- Chrome and Firefox Malicious extension hijacking Facebook profiles
- 10 Malicious links on Facebook have targeted more than 7000 users in the Last 12 Hours; Hackers hijacking accounts
NOTE: Don’t try to visit the below Malicious URL
Malcious URL on facebook – https://d2f36wdth8exn9.cloudfront.net/files/index.html
Events distributing this Malware (We request every visitor to report these events as SPAM)
- https://www.facebook.com/events/175000972676825
- https://www.facebook.com/events/461841697239577
