Threat Management, Malware, Threat Management

Scammers use Facebook to distribute malware disguised as video player

Researchers at Trend Micro have discovered a scheme where criminals are using Facebook to distribute malware disguised as a Google Chrome video installer file. 

 

Fraud Analyst Christopher Talampas reported the finding after receiving a message from a Facebook friend containing a shortened link.

 

After clicking the link, he was taken to an imitation Facebook page that automatically downloaded a file titled Chrome_Video_installer.scr. The file is designed to trick the user into believing that it is needed to play a video, but it is actually malware detected as TROJ_KILIM.EFLD.

 

This variant attempted to download another file that researchers suspected may have been the final payload. However, the site has since been taken down. Talamplas noted that 36 percent of visitors to the fake Facebook page are in the Philippines, and five percent are in the U.S.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.