Facebook Dislike Button - Beware, Scam Spreading

A new facebook scam message is spreading rapidly and has gone viral among the facebook users,  It looks like that Facebook has became most favorite play ground for spammers, After the Dad Catches Daughter on Webcam scam it seems like Facebook Dislike button has gone viral, Here is the screenshot of the Facebook dislike button scam message:

Facebook now has a dislike button! Click 'Enable Dislike Button' to turn on the new feature!

 Now as you can see from the above screen shot the link "Activate Dislike Button" looks genuine and it appears to be where the Share button is placed. Once the victim clicks on the "Activate Dislike Button", He arrives on a page where it asks to paste a JavaScript on to his/her address bar. Once the victim does that, The same message get's posted on his/her wall.

How It Works?

As I told you above that the "Activate Dislike Button" appears where the "share" button is usually placed, This is all because of the javascript, The Javscript which the victim pastes in his/her address bar actually renames the "Share" button to "Activate Dislike Button" but the functionality of the button is same due to which the message get's posted on the victims wall.

Is it a Virus?

Yes it is, When I clicked on the "Activate Dislike Button" it brought me a to page where I was asked to paste the javascript, suddenly my Antivirus(AVG) popped up indicating the virus to be some kind of "Social Engineering(Security)type 1710" virus.

It looks to me as it's a part of russian malware, Which once executed properly will leak your email passwords like Facebook, Yahoo, hotmail, Ebay, Paypal etc to the hacker.

Virtox Virus Mis-belief

Some of websites I came across which were telling that it's a Virtox virus, but the truth is that there is no such virus known as "Virtox" and it might be made up by a person who started this scam

Low Antivrus Detection Rate


I used Virus total's URL scanner for analyzing it and I was really shocked to see the antivirus detection rate to be as low as 5/42, Here is the screenshot:

Warning

This whole testing process was performed in a virtual environment, Don't Attempt to try it on your own computer or you will result in infecting your self, If you think that you have been infected, Scan your system with a Good Antivirus.

Hope you have liked my post and I hope in you won't fall for these scams in your near future, If you want to reproduce this article, make sure you give the credit to the original author and the website.If you would like to know more about facebook scams kindly Join our Facebook Fan Page.

DAD CATCHES DAUGHTERS ON WEBCAM - Beware Facebook Viral Scam

As Facebook is one of the most widely used social networking website around, It is being hit by lots of viral scams, Today I just came across one of those viral scams when one of my friend on facebook shared a link on his wall, "[VIDEO] DAD CATCHES DAUGHTERS ON WEBCAM [OMGGGG].AVI", The title of the link looked suspicious to me so i thought to figure out exactly what was going around.

[VIDEO] DAD CATCHES DAUGHTERS ON WEBCAM [OMGGGG].AVI[LINK]two naughty girls get caught in the WORST moment while making a vid on their webcam! omg!!

When I clicked on it, I was redirected to a page where I was asked to click a button to play the video, The moment I saw it I noticed that it was a flash file and was not a real video.

This was just to fool the users and making them download the adobe flash plugin in order to play the video, Once I clicked on the button "Download Codec", A file named Freecodec.exe started to download, which made me think if it's a keylogger or a trojan but the file happened to be clean according to the "No virus thanks 32 Scanner".

Ultimately I was redirected to a webpage which was promoting a tool called Profile Stylez and the Freecodec.exe was the installation file for the Profile Stylez tool.

After viewing the source code of the page I found the following line of code which was responsible for spreading the link to your facebook wall, Any one with the basic knowledge of Html and IFrame would certainly know what this code is exactly doing, Here we actually discover a vulnerability in like.php code which abuses users trust for viral spreading of the links.

<iframe allowtransparency="true" frameborder="0" scrolling="no" src="http://www.facebook.com/plugins/like.php?href=www.blackinfopages.com%2Fi?4dcef0f134a10&amp;send=true&amp;layout=standard&amp;width=450&amp;show_faces=true&amp;action=like&amp;colorscheme=light&amp;font&amp;height=80" style="border: none; height: 80px; overflow: hidden; width: 450px;"></iframe>

Lastly I scanned the file Freecodec.exe on http://www.virustotal.com as I was a bit unsatisfied Novirusthanks due to my experience in past and guess what Symantec antivirus and VBA32 recognized it as a Trojan.Dropper.

Master Plan

So according to me the master plan was actually promote the tool and at the same time install malware in to victims computer and control their computers at the same time.

Security Measures

• Avoid clicking on those posts titles which have words such as "OMG, WOW, DAMN" they are most likely to do the same thing
• Always install any kind of Plugins and codecs from the official website, You might be installing malware along with the plugin.
• Always scan a file with an online virus scanner such as virustotal before running it on your own computer.

Hope you have liked my post and I hope in you won't fall for these scams in your near future, If you want to reproduce this article, make sure you give the credit to the original author and the website.

If you would like to know more about facebook scams kindly Join our Facebook Fan Page.

Wordpress Fixes a major security issue by releasing 3.0.2

Wordpress has just released it's newest version 3.0.2 fixing a critical security flaw in wordpress 3.0.1, The new version fixes a Security issue which allowed the author level users to gain further access to the website, Wordpress has not mentioned yet that what type of vulnerability was found, All we know that the blogs with Multiple author are vulnerable to this type of attack, So make sure that you update it as soon as possible



Here is the official statement by wordpress:

WordPress 3.0.2 is available and is a mandatory security update for all previous WordPress versions. Haiku has become traditional:
Fixed on day zero
One-click update makes you safe
This used to be hard
This maintenance release fixes a moderate security issue that could allow a malicious Author-level user to gain further access to the site, addresses a handful of bugs, and provides some additional security enhancements. Big thanks to Vladimir Kolesnikov for detailed and responsible disclosure of the security issue!
Download 3.0.2 or update automatically from the Dashboard > Updates menu in your site’s admin area. You should update immediately even if you do not have untrusted users.

Firesheep Makes Facebook Hacking Easy

Recently a new firefox addon Firesheep have been a cause of thousands of email accounts, As reported by techcurnch, Firesheep has been downloaded more than 104,000 times in roughly last 24 hours, With Firesheep the hacker can control any account without even knowing the username and password of the desired account, As Facebook is worlds most popular Social Networking website, therefore it has been the major victim of it, Firesheep uses Http Session hijacking attack to gain unauthorized access to a Facebook or any other account

What is Session Hijacking?

In a Http session hijacking attack an attacker steals victims cookies, Cookies stores all the necessary Information about one’s account , using this information you can hack anybody’s account and change his password. If you get the Cookies of the Victim you can Hack any account the Victim is Logged into i.e. you can hack Facebook Google, Yahoo, Orkut, Flickr etc or any other email account

How can a Hacker use Firesheep to Hack a Facebook or any other account?

Now I will tell you how can a hacker use firesheep to hack a facebook or any other account, You will need the following things:

• Public wifi access
• winpcap
  
• Firesheep(Download)

Method

1. First of all download "Firesheep" from the above link and use the "openwith" option in the firefox browser

2. Once you have installed firesheep on firefox web browser, Click on view at the top, then goto sidebar and click on Firesheep

3. Now click on the top left button "Start capturing" and it will start to capture the session cookies of people in your wifi network, This will show you the list of those people whose cookies are captured and have visited unsecured website known to firesheep, Double click on the photo and you will be logged in instantly

Hope you liked the post! Pass the comments

Some posts from Past on Facebook Hacking:

How to hack Facebook Password
Hack Facebook Password using winspy
4 ways on how to hack Facebook password
Hack Facebook account using Facebook freezer

A major flaw in Mcafee URL shortner

Mcafee claims its products to be top and most popular security product, Today I heard about Mcafee url shorting service, As I visited the Mcafee Url shortning website, I found that they claimed that their url shortner is safe and secure.



So I thought to test it, I created a Facebook fake login page and tried to shorten it with Mcafee url shortner, hoping that it was detect it and will not allow to shorten it, but I was shocked to see that Mcafee actually showed that the website is safe, see the image below:


As lots of people trust on mcafee and a hacker could take an advantage of Mcafee Url shortning service and steal thousands of email accounts, this shows that one should not always rely on softwares for security, 


Hope Mcafee fix this very soon