Attack targeting Windows and Mac users in US and UK.
A
Facebook
scam that is doing the rounds at the moment – claiming to contain a ‘freaky video’ related to the ongoing case concerning former IMF-boss Dominique Strauss-Kahn – is linking to malware.
Like many scams, it spreads via
Facebook
‘s ‘like’ feature and is operated by rogue CPA (cost per action) affiliates. Unlike most scams, however, it does not send the user to deceptive ads but instead sends them to a Lithuanian server that infects them with malware.
As has become common recently, the kind of malware the user is infected with depends on the operating system they use:
Mac
users see
Mac
-targeted scareware, while
Windows
users get infected with
Windows
malware.
As well as being OS-aware, the attack is also location-aware: users who are not in the US or the UK do not get infected but get sent to
YouTube
instead.
More at
F-Secure
‘s blog
here
.
Posted on 01 June 2011 by
Virus Bulletin
Leave a Reply