![facebook scam trend micro download facebook scam trend micro download](https://www.trendmicro.com/content/dam/trendmicro/global/en/research/20/k/trend-micro-check/trend-micro-check-in-facebook-msgr.png)
- Facebook scam trend micro download password#
- Facebook scam trend micro download license#
- Facebook scam trend micro download free#
This attack is your average clickjacking attack that leads users to survey scams, with affected users spamming the same malicious wall posts to their Facebook contacts.
![facebook scam trend micro download facebook scam trend micro download](https://m.media-amazon.com/images/I/61UqCGYXjEL._SY741_.jpg)
Users who follow the instructions are redirected to several pages, which eventually leads to a survey scam page. Users who click the links contained on these wall posts are directed to another site: We also noted several suspicious wall posts on Facebook that leverage the controversial Stop Online Piracy Act (SOPA) bill. Survey Scam on Facebook Takes Advantage of SOPA
![facebook scam trend micro download facebook scam trend micro download](https://i.pcmag.com/imagery/reviews/01dAgvxa8NjrrXIJVUn3KB1-40..v1602539318.png)
Facebook scam trend micro download password#
Luckily, instead of the actual password, users who download these hacking tools acquire a different password and ends up paying for a bogus service. Some Internet users may be lured into downloading these tools, as they promise access to someone's Facebook password without the their consent. The dropped file is a keylogger that hooks certain APIs, steals information from the infected system, and sends stolen information to a specific URL. Once users download and run this tool (detected as TROJ_DROPPER.ZGD), it drops the malicious file (detected as TROJ_VBINJECT.XG). My colleague Sarah Calaunan also uncovered another hacking tool for Facebook being peddled on the site below: Trend Micro detects the rogue program as SPYW_FAKEHACK, while the dropped file "Toolbar.exe" as ADW_PLUGIN. If the hacking tool failed to download the third party app, the program would instead display the following error prompt: The said third party app is a legitimate password recovery, but was used maliciously in this attack. Thus, the retrieval of the credentials will only work for users who have passwords stored in their systems.
Facebook scam trend micro download free#
Since the key was already provided, the program now shows the following:īut how did the program obtain these? Simple: the program downloaded and used a free third party application, designed to recover and display saved passwords in the users' local browser cache. If users opt to buy a product key, they are reverted to the site Once purchased, users are again required to encode the email address or Facebook ID. Now for the interesting part: to acquire password, users must purchase a product key, which costs US $29.99. After 2-5 minutes, it informs users that the desired password has been found: To appear legitimate, the program even shows a window to indicate that the request is in progress. Once installed, it displays a window that requires users to encode the email address or Facebook ID of their target Facebook account: Installing the setup file drops the malicious file "Toolbar.exe" in the users’ temporary folder without their knowledge.
Facebook scam trend micro download license#
Based on our analysis of the setup file, it behaves like an ordinary installer that displays an end-user license agreement (EULA) and gives users the option to save the program in their preferred folder. When I checked, the file is supposedly capable of obtaining Facebook passwords. While monitoring our Smart Protection Network™ data, we noticed a suspicious file from the website From the looks of the domain name, it suggests that it hosts a hacking tool for the social networking site Facebook.