Everybody share an incredible amount of personal information exposing his identity to serious risks on facebook, its a well known fact. Facebook is very attractive also for governments, intelligence agencies and other whitehat corps that are adopting it to conduct several researches, cyber espionage and to influence public on some particular thematics, law enforcement are also demonstrating a great interest on facebook.
Corps such as FBI are developing a new generation of tools to conduct its investigations, recently the U.S. Department of Justice announced the arrest of 10 hackers suspected to have created a botnet that infected more than 11 million of pc all over the world causing financial loss of more than USD 850 millions. It brings us back in 2008 when the botnet tree “Butterfly”, also known as Mariposa, was discovered after it infected 12 million machines worldwide, in 2009 it was annihilated. As usual, the botnet was designed for illegal services such as spamming and superphishing services and DDOS. The bot agents were able to alter also user’s search results inside browser showing advertisements and pop-up ads, hijacking target navigation.
The criminals used file-sharing and instant messaging platforms to spread the supercode known as Yahos that stolen financial information from over 800,000 victims. The virus was active for years, it uses social networks and instant messaging platforms, such as AIM and Yahoo! Messenger, to send “infected links” to the targets that allow the downloading of botnet viruses.
The most common infection method is through via fake web site. It is sufficient to click on one of the links. Usually this links attract user proposing the download of cool video or applications, behind this links is hidden an installer for the Koobface virus. The good news is that usually this type of malware are identified without difficulty by mainstream antivirus on the market like Norton, Mcafee and all that crap.
Earlier this year another virus has hit Facebook, it was named Ramnit and it has stolen usernames and passwords of more than 45,000 users, to prevent the spread of malware it is crucial that users adopt a proper behavior and use recommended and updated security defense systems.