Peaches Posted April 15, 2011 Report Share Posted April 15, 2011 </h3><h3>Malware Installs Rogue Apps on Compromised Facebook Accounts April 14th, 2011, 08:32 GMT| By Lucian Constantin A new piece of malware being distributed by Sality uses stolen Facebook credentials to surreptitiously install rogue apps under the corresponding profiles.Sality is the world's top file infecting malware and dates back to 2003. The threat has evolved over the years and was fitted with P2P, self-propagation and malware distribution functionality.According to security researchers from Symantec, at the beginning of this year, Sality operators pushed a malicious component through its P2P network that acted as a keylogger and recorded Facebook, Blogger and MySpace login credentials. The trojan sent the stolen credentials to a command and control (C&C) server, but also stored them locally in an encrypted file to the surprise of security researchers. That was until a new piece of malware recently distributed by Sality began making use of the login details in those encrypted files.It downloads Internet Explorer automation scripts from a C&C server and uses the stolen credentials to login on the corresponding websites and perform predefined actions. As far as Facebook is concerned, the trojan received instructions to install a rogue application under hijacked accounts. The app, called "VIP Slots," only asked for access to basic account information. http://news.softpedia.com/news/New-Malware-Forces-Users-to-Install-Rogue-Facebook-Apps-194988.shtml Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.