Contact
QR code for the current URL

Story Box-ID: 214299

Fortinet GmbH Feldbergstr. 35 60323 Frankfurt a.M., Germany http://www.fortinet.com/
Contact Heather Stewart
Company logo of Fortinet GmbH
Fortinet GmbH

Double trouble, as new Facebook worm targets Google Reader

Fortinet's FortiGuard Center discovers malicious worm

(PresseBox) (München-Unterföhring, )
Fortinet, the pioneer and leading provider of unified threat management (UTM) solutions has detected a malicious Facebook worm that is trying to leverage Google Reader (an application for organizing and accessing your most visited websites) to gain trust in visitors so that they download a malicious codec onto their machines. How? A malicious video is distributed through the Facebook worm and then attempts to 'socially engineer' trust by redirecting out of Facebook to a Google Reader site.

Fortinet has notified both Facebook and Google, and posted the following advisory on its FortiGuard Center: http://fortiguardcenter.com/...

Guillaume Lovet, Senior Manager at Fortinet's FortiGuard Global Security Research Team, advises the following 'Top Five Tips' to avoid becoming a victim of this potentially devastating attack:

1. Beware of messages with a link inside.

2. If you do detect any such messages, ask yourself if the message you're reading is from who it claims to be. It is actually very easy to separate messages that are from people you know, and imitators, as worms cannot imitate people's own style of writing.

3. Be vigilant about video content. A lot of social engineering sleight of hand used by social networking sites rely on teasing the victim into watching a video. Keep in mind that online videos share a very common format (i.e. Flash), so if you can normally see flicks on youtube or dailymotion, you won't ever need any additional plugin or codec. Most importantly: codec which come in the form of executable setup files are, in this context, Trojans.

4. Don't browse the Web with a system that's not up-to-date with security updates. Often, those malicious end-points carry some web-browser exploits that will actually push the Trojan onto your system without your knowledge, let alone your interaction. This won't happen if your browser is up-to-date. You may prefer alternate browsers for that purpose, hence reducing the exploit surface in your technology.

5. If you have already been fooled by the virus, antivirus protection may very well save you. Note that a combination of antivirus and Web content filtering would create stronger protection, as if the malicious site is blacklisted on the Web filtering part, antivirus may not be needed to make the attack fail. However, it is always good to have both due to the ever increasing sophistication of threats.
The publisher indicated in each case (see company info by clicking on image/title or company info in the right-hand column) is solely responsible for the stories above, the event or job offer shown and for the image and audio material displayed. As a rule, the publisher is also the author of the texts and the attached image, audio and information material. The use of information published here is generally free of charge for personal information and editorial processing. Please clarify any copyright issues with the stated publisher before further use. In case of publication, please send a specimen copy to service@pressebox.de.
Important note:

Systematic data storage as well as the use of even parts of this database are only permitted with the written consent of unn | UNITED NEWS NETWORK GmbH.

unn | UNITED NEWS NETWORK GmbH 2002–2024, All rights reserved

The publisher indicated in each case (see company info by clicking on image/title or company info in the right-hand column) is solely responsible for the stories above, the event or job offer shown and for the image and audio material displayed. As a rule, the publisher is also the author of the texts and the attached image, audio and information material. The use of information published here is generally free of charge for personal information and editorial processing. Please clarify any copyright issues with the stated publisher before further use. In case of publication, please send a specimen copy to service@pressebox.de.