
Sunday, August 24, 2014

Technical Description of Latest Facebook Virus - Sorpampa

Beware of a new Facebook virus called 'Sorpampa', which spreads through Facebook messages reading "This video is yours?". It tries to disable or bypass the anti-virus software, then spreads itself through the different chat sessions of the infected user/system.

How to remove it? Read a clear description at http://cyb3rgeeks.blogspot.com/2014/08/facebook-malware-this-video-belong-to-you-thatis-funny.html
 

What does the virus do? It redirects you to a*m*k-m*t*2[dot]com, for example:
<script> location.href="http://www.a*m*k-m*t*2[dot]com/?bencegomik"; </script> (without *'s)

Then when reading the source code on that page, it's clear enough to me they try to infect you.
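
A triage check for the redirect pattern shown above, as an added example that is not part of the original post: it scans a saved page for script-driven navigation and flags scripts that exist only to send the browser to another host. The function name, the sample HTML and the example.* hosts are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# location.href = "...", window.location = '...', location.replace("...") etc.
# Comparisons such as location.href == "x" are not matched.
REDIRECT_RE = re.compile(
    r"""(?<![\w$.])(?:(?:window|document|top|self|parent)\.)?location
        (?:\.href)?\s*(?:=|\.(?:replace|assign)\s*\()\s*
        (["'])(?P<url>.+?)\1""",
    re.VERBOSE,
)

class ScriptCollector(HTMLParser):
    """Collects the text of every <script> element."""
    def __init__(self):
        super().__init__()
        self.in_script = False
        self.scripts = []
    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.in_script = True
            self.scripts.append("")
    def handle_endtag(self, tag):
        if tag == "script":
            self.in_script = False
    def handle_data(self, data):
        if self.in_script:
            self.scripts[-1] += data

def find_script_redirects(html, page_url):
    """Return one finding per script-driven navigation found in html."""
    page_host = urlsplit(page_url).hostname
    collector = ScriptCollector()
    collector.feed(html)
    findings = []
    for body in collector.scripts:
        for m in REDIRECT_RE.finditer(body):
            target = m.group("url")
            host = urlsplit(target).hostname  # None for relative URLs
            # What is left of the script once the redirect is taken out.
            rest = (body[:m.start()] + body[m.end():]).strip(" \t\r\n;)")
            findings.append({
                "target": target,
                "off_site": host is not None and host != page_host,
                "redirect_only": rest == "",
            })
    return findings

# Constructed sample page (not the real landing page).
SAMPLE = """<html><body>
<script> location.href="http://landing.example.net/?id=1"; </script>
<script>var here = location.href == "x"; console.log(here);</script>
<script>if (ok) { window.location.replace('/home'); }</script>
</body></html>"""
```

A finding with both `off_site` and `redirect_only` set matches the shape of the snippet above: a page whose script does nothing except forward the visitor to a different host.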

After checking the domain info of http://www.a*m*k-m*t*2[dot]com, it seems this is the owner:
(Note: I do not say/blame this is the person that spreads the virus, but this is the person that hosts the virus/script.) (Regards, Ray bro)

Registrant Name: BAYRAM ACAN
Registrant Organization: BAYRAM ACAN
Registrant Street: bbbbbbbbbb
Registrant City: ISTANBUL
Registrant State/Province:
Registrant Postal Code: 34100
Registrant Country: TR
Registrant Phone: +90.5442396707

Registrant Email: saner.3@hotmail.com

Saturday, August 23, 2014

Gmail Android app hacked by researchers

US researchers have found a weakness in Google’s popular Android operating system. Your most trustworthy apps may be at risk. Researchers say they have found a way to hack Gmail apps with a 92 percent success rate.

The vulnerability extends to a number of other apps including H&R Block, Newegg, WebMD, Chase Bank, Hotels.com and Amazon, according to their study. In most cases, their technique succeeded 80-90% of the time. Amazon’s app was the most difficult to crack at 48%.


Although the paper only covers these seven Android apps, the researchers said their hacks exploit a vulnerability that apps on other operating systems likely share.
"I certainly think the report is credible," cyber-security analyst Michela Menting said in an email. "If a researcher or a hacker looks hard enough, there will be ways to exploit any number of vectors within an application."

Technical Section (How did they do it?)

The hack begins when a user downloads malicious software disguised as a seemingly harmless app, like a background wallpaper app. Next, the masquerading app exploits a common feature of operating systems, shared memory, to figure out what users are doing on their smartphones.

When timed properly (say, just as a user is entering a username and password, or snapping a picture of a personal check), a hacker can launch a phishing attack. Users think they’re punching their passwords into an app like Gmail, Amazon or Chase, but they’re actually typing them into a sham screen generated by the malicious app. “At this point, the information is stolen and the attack succeeds,” the authors said in the study. Two of the researchers hail from the University of Michigan and another from the University of California at Riverside.

Demo videos show how a hacker could use another phone to monitor the activity on the sensitive apps and grab personal information when entered by the victim.





The hack exploits the same design principle that allows alarms and reminder apps to pop up on a smartphone. Zhiyun Qian, assistant professor at UC Riverside and one of the study’s authors, said in a statement that “by design, Android allows apps to be preempted or hijacked.”

The hacker would gain access by getting a user to install a seemingly harmless app, such as a phone wallpaper, and then exploiting a newly discovered public side channel that doesn't require privileges. This shared-memory feature allows processes to share data efficiently and is quite common, since all of a phone's downloaded apps interact with one operating system.

"The assumption has always been that these apps can't interfere with each other easily," researcher Zhiyun Qian said in a statement. "We show that assumption is not correct and one app can in fact significantly impact another and result in harmful consequences for the user."

Why is Amazon less vulnerable?

The researchers said they had only a 48 percent success rate with the Amazon app because it allows a transition from one activity to almost any other, which makes it harder to guess what the user is doing and to find the exact moment to steal data.


How to secure your smartphone from it?
  • Users should be cautious and only download apps from trusted sources—big, popular apps are hacker magnets.
  • Do a routine check of your smartphone and tablet, especially if you have little ones using the device, to ensure that only apps that can be trusted are installed. Immediately uninstall apps that appear to be from unknown sources or are not necessary.

The researchers suspect their method will work just as well on other mobile operating systems, such as Apple iOS and Microsoft Windows, although they have yet to attempt the hack on those systems. They were scheduled to present their findings today at the USENIX Security Symposium in San Diego.
Google did not immediately respond to a request for comment.
I hope you enjoyed it. Give us feedback so that we can serve you better next time.

Sunday, August 17, 2014

Facebook Malware - "This video belong to you? That's funny." - How to Remove it


Nowadays a Facebook worm is infecting millions of people, so I decided to write an article to make people aware of it. I am going to describe how you can secure yourself against it and, if you are already infected, how you can remove it.

How is it being spread?

Koobface sends malicious code in the form of messages such as "You look funny in this new video" and "You look just awesome in this new movie", which lead straight to the virus.

I assure you there is nothing funny about it. The Albanian malware can cause a lot of damage to your PC. The way it works is rather simple. You see that your friend has shared a video link on Facebook, you click on it and get redirected to a fake YouTube site, which then requires you to download an Adobe Flash Player update. The video features a woman starting to undress, and beneath it you see that it has more than a million views. That, of course, is not true. The fake video may play for a second or two so that you are even more tempted to download the supposed update and finish watching the clip. Instead of this update, however, you get infected with a malicious Trojan.

 


 

How does it work?
The Trojan that is spread via this scam is called Trojan.Agent.BDYV and once it enters the system it starts collecting user’s personal data. It may also function as a browser hijacker. Needless to say, whoever gets infected with this malware is very likely to suffer financial consequences. Moreover, the Trojan also uses the victim’s Facebook account in order to continue on with its distribution. The user may not even be able to delete these fake posts from his own timeline and activity log. As you can see, the program is truly intrusive.
Unfortunately, Funny Facebook video scam is not the only one of its kind. Earlier this year a scam called “Rest in Peace” first appeared online. The name of the scam refers to its content: a video link posted appears to be about a famous person’s death. If one were to click on it, he or she would be redirected to a corrupted page harboring malware. A slightly different scam was also reported in May 2013: Dorkbot malware was being distributed via Facebook chats.
How to protect yourself from it?

  • DON'T CLICK ON THE MESSAGE
  • Be cautious of individuals who represent themselves as officials soliciting personal information via e-mail.
  • Be cautious of emails that contain pictures in attached files, as many of the files may contain a virus. Only open attachments from known senders.
  • Do not provide personal information to anyone who solicits it. Also beware of messages and comments on social networking sites such as "Paris Hilton Tosses Dwarf On The Street"; "Examiners Caught Downloading Grades From The Internet"; "Hello; You must see it!!! LOL. My friend catched you on hidden cam"; "Is it really celebrity? Funny Moments" and many others.
  • When you're on a social networking site, pay close attention to executables downloaded to Windows machines, keep your machine fully patched and run updated anti-malware software.

How to remove it if you are already infected

  1. Clear cookies and cache (you can use CCleaner for this).
  2. Open Task Manager and, if you see any process named egs fbv6 (I don't know the name exactly), kill it (not sure). Once you have done the above, download the "Malwarebytes" software and install it.
  3. After that, click "Account" on the top right, then "Privacy Settings." Then, click "Edit your settings" under "Apps and Websites" at the bottom left. Click "Remove Unwanted or Spammy Apps," then click the blue X next to the apps you want to get rid of.
  4. If it is the Koobface worm, check out this link: Remove Koobface Worm (Remove Koobface, Koobface Remover) http://www.softpedia.com/hubs/Remove-Koobface-Worm
  5. Check whether any plugins have been installed in your browser without your knowledge, then uninstall them. (Regards, Sri bro)

I hope it works for you.