Malware phishing with fake Facebook security check page detected

A malware has been spotted that targets Facebook users in the name of 'security checks' and 'spam cleaning'.

Acer Aspire E5Intel Core i5 Processor, Windows 8.1 , 12 GB RAM, 1TB Hard Disk Space, 2GB Graphics
Click to know more
Nokia Lumia 730 with 41% off8MP primary camera with LED flash, 1.2GHz Snapdragon 400 quad core processor, 1GB RAM with upto 128 GB Internal Memory
Click to know more
Malware phishing with fake Facebook security check page detected

Trend Micro has spotted a malware sample, TSPY_MINOCDO.A, which targets Facebook users. The malware redirects users to a spoofed page of the social network and claims to be part of the site's security check feature, even showing the tagline “Security checks help keep Facebook trustworthy and free of spam”.

The malware redirects all traffic to facebook.com and www.facebook.com to the system itself using the victim machine's HOST file. This ensures user can never access the legitimate Facebook pagesm and at the same time the malware spies all the browser activity and redirect the victim to the malicious site.

Trend Micro says users may fall victim to the malware by taking the 'security check' for face value. Affected users may end up relaying their details, and exposing their credit card credentials to 'cybercriminal infiltration'.

“Upon further analysis, we also discovered that the malware performs DNS queries to several domain names. What this means that the people behind this are prepared for server malfunction and has a backup to continue stealing information,” says the security firm in a blog post.


Share on FacebookShare on Twitter



Related Articles


Discuss this Story