{"id":72502,"date":"2011-08-19T07:08:52","date_gmt":"2011-08-19T07:08:52","guid":{"rendered":"https:\/\/localhost\/wordpress\/?p=72502"},"modified":"2011-08-19T07:08:52","modified_gmt":"2011-08-19T07:08:52","slug":"malware-attack-through-facebook","status":"publish","type":"post","link":"https:\/\/www.quickheal.com\/blogs\/malware-attack-through-facebook\/","title":{"rendered":"Malware Attack Through Facebook"},"content":{"rendered":"<p>Many users have been receiving a spammy message via Facebook\u2019s chat functionality which looks something like shown below:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blogs.quickheal.com\/wp-content\/uploads\/archive\/face_fb_chat.png\" alt=\"\" width=\"266\" height=\"285\" \/><\/p>\n<p>The messages spreading via chat are:<br \/>\n&#8211; bist du das?? aaaaaahahahahaahahaha<br \/>\n&#8211; hey is this your ex?? lol [LINK]<br \/>\n&#8211; omg you look so cute [LINK]<\/p>\n<p>If a user clicks on the shortened URL, he\u2019s exposed to an executable file that looks like an image file.<br \/>\nThe malware gets downloaded and stores itself in the Windows %TEMP% folder.<br \/>\nUsers might get curious and tempted to see the specified picture, which then downloadeds the malware.<\/p>\n<p>On clicking on the executable file, a \u201cPicture cannot be displayed\u201d error message appears.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignleft\" src=\"https:\/\/blogs.quickheal.com\/wp-content\/uploads\/archive\/face_fb_error.png.png\" alt=\"\" width=\"185\" height=\"107\" \/><\/p>\n<p>But when this file gets executed, it installs a malware which runs in the background. This malware works as a downloader and can download keyloggers, spyware, backdoors, Fake AV etc.<\/p>\n<p>Users are advised to take extra care when dealing with links on Facebook.<br \/>\n<a href=\"https:\/\/www.quickheal.com\/\">Quick Heal<\/a> detects this malware file and protects its users by preventing it from spreading.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Many users have been receiving a spammy message via Facebook\u2019s chat functionality which looks something like shown below: The messages spreading via chat are: &#8211; bist du das?? aaaaaahahahahaahahaha &#8211; hey is this your ex?? lol [LINK] &#8211; omg you look so cute [LINK] If a user clicks on the shortened URL, he\u2019s exposed to [&hellip;]<\/p>\n","protected":false},"author":22,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[41,24],"tags":[64,65,42,43,29,66],"class_list":["post-72502","post","type-post","status-publish","format-standard","hentry","category-facebook","category-malware","tag-facebook-applications","tag-facebook-privacy","tag-facebook-scam","tag-facebook-malware","tag-social-engineering","tag-social-network-privacy"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts\/72502"}],"collection":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/users\/22"}],"replies":[{"embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/comments?post=72502"}],"version-history":[{"count":0,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts\/72502\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/media?parent=72502"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/categories?post=72502"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/tags?post=72502"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}