potentially unwanted programs - Online Cyber Security News

Tracy Morgan Dead? Facebook Scam Targeting Users with Malware

Friday, June 27, 2014 Wang Wei

BEWARE: Is Tracy Morgan Really Dead? Facebook Scam Targeting Users with Malware

Oh MY God! Is Tracy Morgan Really Dead? NO, Thankfully it’s only a hoax, but scammers announced the popular comedian and actor Tracy Morgan dead.

Another Facebook scam is circulating across the social networking website just a day before the former “Saturday Night Live” and “30 Rock” star Tracy Morgan was critically hurt in a six-vehicle fatal accident on the New Jersey Turnpike that killed his friend and writer 62-year-old James McNair.

With the rise in various scams on the popular social networking giant, Facebook that has more than one billion active users, it became very clear that not only does the social networking platform provide special opportunities for people to connect and share information, but serves as a great platform for scammers as well.

TOTAL SCAM LEADS TO MALWARE

Scammers spare no incident to target as many victims as possible, and this time they made use of this roadway accident to target users by spreading the fake Facebook videos proclaiming the death of Tracy Morgan.

Malwarebytes warned about the Morgan video scam, saying that the fake video tricks users into sharing it that are spreading throughout the social network, with the Title, “[Death Video] R.I.P. Tracy Morgan died few minutes ago in hospital.”

Once clicked, users are directed to share the fake videos and along with the video sharing, the spam leads users to download a file, which could be anything from a Potentially Unwanted Program (PUP) to a malicious software that could steal users’ sensitive or financial information from the infected system.

TRACY MORGAN DEAD? RUMORS REACHED TWITTER AS WELL

In response to this false news, people began tweeting that Tracy had passed away on June 10. The fake news spread like fire on the internet. Following are the tweets by his Fans:

JUST IGNORE IT

“Pay no attention to scammy and sensational sounding videos appearing on your Facebook feed and stick to trusted news sources for breaking stories and information,” warned Malwarebytes. “Surveys are always a pain, but scam sites offering up random redirects always carry the potential to be even more problematic – you simply never know where you’re going to end up.”

We have seen various suspicious posts on Facebook, like "See your Friend's naked video", an app offering you a chance to see who has viewed your Facebook profile, and many more. Sometimes these scams are very obvious and easily avoidable, but many times they are irresistible and easy to fall for, like this new fake video scam.

SCAMS AT RISE, SO BE SAFE

With more tech skills, modern scammers have ability to reach billions of potential victims with just a single message or post, and their scams are getting more dangerous and critical day-by-day. Despite Facebook's security measures, safe and secured social networking rests in your own hands and if you aren't paying attention to such scams, you could fall for one such even without ever realizing.

So, if you are served with any suspicious link or post, do not try to click on it, no matter even if it’s from your closest friend.

DeviantArt Malwaretising Campaigns lead to Potentially Unwanted Apps

Sunday, June 15, 2014 Wang Wei

Today, the estimated number of known computer threats like viruses, worms, backdoors, exploits, Trojans, spyware, password stealer, and other variants of potentially unwanted software range into millions. It has the capability to create several different forms of itself dynamically in order to thwart antimalware programs.

Users of the biggest online artwork community, DevianART with Global Alexa Rank 148, are targeted by the potentially unwanted software programs -- delivered by the advertisements on the website, Stop Malvertising reported on Sunday.

A Potentially Unwanted Application (PUA) is a program that may not be intentionally malicious, but can negatively affect the performance and reliability of the system by distributing spyware or adware that can cause undesirable behavior on the computer. Some may simply display annoying advertisements, while others may run background processes that cause your computer to slow down. However, unlike malware, users themselves consent to install a PUA into their systems.

The malicious advertisements are delivered via newly registered (3rd March 2014) domains - Redux Media (www.reduxmedia.com) and avadslite.com. "Over the past months, this domain has been seen to resolve to the following IP addresses: 107.20.210.36 (2014-05-01), 54.243.89.71 (2014-05-01) and 184.170.128.86 (2014-05-25). According to VirusTotal, malware has communicated with the last two IP addresses." Kimberly from Stop Malvertising said.

Once the user click on the Ad served by the DevianArt website, they are redirected to the Optimum Installer, a source of Potentially Unwanted Applications (PUA's) that downloads legitimate software applications as well as bundled third-party software including toolbar.

As shown, a pop-under warning will urge users to "update Media Player", immediately followed by a second advertisement to "update Windows 7 Drivers" to avoid vulnerabilities, reduce crashes and ensure an optimal browsing experience. This is just a scam nothing more or less, do not fall for it.

Obviously, these are well known social engineering techniques to trick the computer user into installing malicious or ad-support software. Such infection are designed specifically to make money, generate web traffic, and will display advertisements and sponsored links within your web browser.

You should always pay attention when installing software because often, a software installer includes optional installs, such as this “Update Windows 7 Drivers” adware. Be very careful what you agree to install. Stay Safe.

Real Ghost Caught on Camera! New Facebook Scams Lure Users to Download Malware

Saturday, May 10, 2014 Mohit Kumar

Real Ghost Caught on Tape! Facebook Scams Lure Users to Download Malware

If your Facebook wall offers you any horror videos that claim to be of a real ghost spotted, don’t dare to click on them, as it may be hoaxes, malwares or scams contained within which are the real horror for the online users.

We have seen a lot of Facebook scams spreading through the Facebook timeline in wild that encourages users to click on it and fall victim, and this time some new horror scam campaign is going viral on Facebook.

Christopher Boyd from the security firm Malwarebytes has discovered an epidemic of hoaxes making their way around Facebook with paranormal themes, including:

Alleged footage of an “actual” ghost attack
a video featuring the Aswang that is described as “a mythical shape-shifting were-dog/vampire/terrifying thing from the Philippines”
a video of Mermaids claiming they are back!
Video of a huge great white shark tearing apart a sea captain.

Facebook has become one of the most popular social networking website with more than one billion active users this year and daily hundreds of people join the networking website to connect with new friends and reconnect with their old friends.

But, with the increase in various scams on Facebook to target users, it became very clear that not only does the social networking platform provide special opportunities for people to connect and share information; it also serves as a great and useful platform for scammers to spread malware or virus infections or redirect users to the sites of their own choice.

Once again scammers have targeted Facebook users and encouraging them to open the scammed video and once clicked, Facebook users are either asked to download or install updates to the video players, but actually these installations will lead to successful malware installation to the users system.

According to Malwarebytes, the ghost attack scam video will led users to the install PUP.Optional.InstallBrain.A, the Aswang prompted unsuspecting Facebook users to download “scan your PC” malware, the mermaids led to an iLivid install that was actually PUP.Optional.Bandoo, whereas the shark brought users to pages filled with spammy surveys and downloads.

“That concludes our spooky train ride through a mid-May haunted house of doom. Please keep your hands inside the cart until the gates have opened, and avoid clicking on fake Facebook videos at the gift counter,” Christopher Boyd of Malwarebytes wrote.

We have seen various suspicious posts on Facebook, like the recent “Facebook Security Warning!!! Do this before your account gets deactivated!” scam that threatens users with account deactivation if they don't register it again, and "See your Friend's naked video", an app offering you a chance to see who has viewed your Facebook profile, and many more. Sometimes these scams are very obvious and easily avoidable, but many times they are irresistible and easy to fall for.

So, if you are served with any such suspicious post or any other suspicious link, do not click on it, no matter it’s from your closest friend.

Don't Fall for Fake Instagram Desktop Applications Offering 'Image Viewer'

Thursday, May 08, 2014 Swati Khandelwal

Today, the estimated number of known computer threats like viruses, worms, backdoors, exploits, Trojans, spyware, password stealers, and other variants of potentially unwanted software range into millions. It has ability to create several different forms of itself dynamically in order to thwart antimalware programs.

Instagram users are also targeted by the potentially unwanted software programs that claims to enable them to download their Instagram photos and videos using desktop machines or computers. But once downloaded and installed into system, it could expose the user to a number of security vulnerabilities, often overlap with adware, warned the security firm Malwarebytes.

"In the case of Instagram, what we've seen out there could pose greater risk than, say, your average phishing site," said Malwarebytes intelligence analyst Jovi Umawing in a blog post.

Instagram is a social networking service use for online photo-sharing and video-sharing. It allows its users to take pictures and videos, apply digital filters to them, and share them on other social networking services, such as Facebook, Twitter, Tumblr and Flickr.

With the growing popularity and concern among the internet users, Instagram is widely used by people. The firm expects that in the coming years the number of users will steadily increase until at least 2016, by considering the latest statistics from the digital marketing research and analysis company eMarketers published in late March, Instagram surpassed Twitter in terms of active mobile users in the US by 2.7 million, which is really a very large number.

“With news of Instagram finally beating Twitter in terms of overall usage, it’s high time that we stop, look back, and remind ourselves of the potential dangers lurking on the net specifically crafted to target Instagram users and lurkers alike,” the company warned in a blog post.

Malwarebytes found a number of files and sites as well that take advantage of software’s popularity and come bundled with the downloads of such third-party programs which includes a number of potentially unwanted programs (PUPs) that could spell bad news for users.

However, Potentially Unwanted Programs are not technically-classified as trojans or any other type of malware, but it serve little purpose other than using your computer as a gateway for online advertisements or as a catalyst to deliver annoying or malicious applications that may pester you to the point where you want to throw your computer out a window.

“Doing a Google search surely yields sites where one can download several programs involving Instagram. Some of which can either be classed as ‘image viewers’ or ‘image and video downloaders’ publicly-accessible accounts,” the firm wrote. "Since Instagram can be visited via Web browsers, we can easily say that these downloads target any Windows computer user who just want to keep copies of photos and videos that are likely not their own."

There are anti-malwares to detect these kinds of threats, but this is something that remains on the users’ hand as well because the increase in the number of potentially unwanted programs and its several variants could target online users and cause danger. So, avoid downloading such programs onto your personal systems.