Facebook Message in Spanish with Video Link Leads to Malware

A new malware attack on Facebook has been reported, which pretends to be a notification about a Facebook friend’s “sexy” video, and leads the user to downloading of a malware file that is designed to steal information from the user’s computer, and also tricks antivirus scanners into believing that the file is safe.

This was first identified and intercepted by security research firm SophosLabs. According to the case study, the malware attack seems to be launched by some Indonesian and Spanish hackers by taking into the consideration of the languages used in the Facebook message.

The message containing a link to a bogus site, reads as follows:

Miiiii lindoooo!!! ahahahaha este videoo no se lo muestrezzz a nadiesss =$$$$ ziii ?? es solo para tiii!! porque ? yoooo te amoooo muxiiiisisisisizimoooo!!! me gusto muxo tu videooo te requiero montonezzzz!!!! porfiz cuando estez en. ….. . …..” Leer mas

Este video fue clasificado Prohibido para menores de 18 años .

The translation of the above message in English:

Lindoooo miiiii! ahahahaha this videoo muestrezzz not what to nadiesss = $ $ $ $ ZIII?? tiii is for! because? yoooo muxiiiisisisisizimoooo amoooo you! I liked your videooo thee therefore muxo montonezzzz!! porfiz when estez on. ….. . ….. “Read more

This video was ranked No one under 18.

Facebook Phishing Video Email

Users who click on the link are taken to a website that attempts to get them to download a file called Video_Multimedia.exe, which, according to Sophos, is actually Troj/Agent-YGD malware.

It is also reported that the hacker has used Facebook’s logo and styling to make the email message appear exactly like a Facebook message. If you have received any such email or message on Facebook, it is recommended that you delete it immediately without clicking any links.

To avoid being infected with malware such user is encouraged to:

  • Ignore unsolicited mail messages
  • Do not try to play video attachments in the body of the emails.
  • Validate the email domain and verify that the links correspond to the original domain.
  • Make sure you have an updated antivirus solution installed on your computer.

It is always recommended that you avoid clicking on scam messages. It is quite difficult to identify scams on Facebook. Here is a post on How to Identify and Avoid Facebook Scams. As a precautionary measure, always check which applications you use and remove unwanted or suspicious ones. If you aren’t sure how to do it, you can always check our guide on removing apps from Facebook. In addition to that, don’t forget to check out our article about Avoiding Facebook Lifejacking and Clickjacking scams.

Bookmark Techie Buzz Facebook Scams. We always keep you updated with the latest scams spreading on Facebook.

Published by

Joel Fernandes

Joel Fernandes (G+) is a tech enthusiast and a social media blogger. During his leisure time, he enjoys taking photographs, and photography is one of his most loved hobbies. You can find some of his photos on Flickr. He does a little of web coding, and maintains a tech blog of his own - Techo Latte. Joel is currently pursuing his Masters in Computer Application from Bangalore, India. You can get in touch with him on Twitter - @joelfernandes, or visit his Facebook Profile for more information.