The corporate slogan of Facebook is “Move fast and break things”. Our spam traps reveal that spammers have taken that to heart and are implementing features even faster than Facebook – except, of course, those features aren't real.
In January of 2013 Facebook added a feature to mobile apps that allows you to record a voice message to Facebook instant messaging conversations. Spam we're seeing in our honeypots takes this one step further and poses as a voice comment inserted directly into your timeline, something Facebook doesn't even do yet.
In English this says:
You have recieved a voice comment on your timeline.
Recording: To open the comment click on the link below. The content recorded is the responsibility of the user.
… with a button labeled Open Comment.
Fake multi-media messages are a fixture of Latin American spam, but we wouldn't be surprised at all to see this convincing-looking email translated into other languages, particularly English for the Norteños.
The payload is hidden behind the tiny.cc URL shortener and hosted on a dropbox account. A variant of Trojan.Graftor, aka Trojan.Swizzor, it is further disguised as a .cpl, a control panel extension, which is meant to be used by the Windows control panel but is in fact just another sort of Windows executable file. If run, it burrows into the victim's PC to steal passwords and respond to other remote commands.
Barracuda Networks customers using the Barracuda Spam & Virus Firewall are protected from these emails.
Christine Barry est blogueuse en chef et responsable des réseaux sociaux chez Barracuda. Son travail consiste à rédiger des articles captivants en lien avec les services Barracuda et à faciliter la communication entre le public et les équipes internes. Avant de rejoindre Barracuda, Christine a été ingénieure de terrain et chef de projet dans l'éducation et auprès de PME pendant plus de 15 ans. Elle est titulaire de plusieurs diplômes technologiques, d'une licence de l'université du Michigan, et d'une maîtrise en administration des affaires.
Connectez-vous avec Christine sur LinkedIn.