Fake Facebook Email Video Link of Dancing Girl Leads to Malware

Facebook continues to get hammered with malware and malicious links and this time it is a "Dancing Girl" message that gets users attention so that they download malware.

Security researchers and the security firm Websense Security Labs ThreatSeeker Network have received reports of a malicious message being spoofed as a Facebook email message offering a dancing girl video. Within the message are links that lead users to download malware in the form of the infamous fake Adobe Flash Player update file. The file, as you may have already guessed, is Adobe_Player11.exe, which is nothing more than a malware parasite.

The spoofed Facebook email message comes with an enticing subject line that makes users think that it is a video of a dancing girl possibly on the verge of being pornography. The message looks like a normal legitimate Facebook message that invites the recipient to click on a link to view the video of the "dancing girl".

What do these messages look like or what is the subject of the email?

Some of the subjects that you may want to look out for are the following:

  • Dancing girl oriental dance
  • Dancing Girl Drunk In The Pub- facebook Video
  • Watch the Oooh! Super Beautiful Girl Dancing
  • Magnificent Striptease Dance
  • Hot Girl Dancing At Striptease Dance Party

If you get any Facebook messages that are related to those subject lines above then it may be in your best interest to delete them at once instead of risking a malware infection.

The Facebook message may look like figure 1 and figure 2 below.

Figure 1 shows a spoofed Facebook email message that offers a potentially explicit video through a malicious link contained in the email.
[image source: securitylabs.websense.com]

Figure 2 shows a preview of the so-called explicit video from the link within a spoofed Facebook email and asks that you save an Adobe Flash Player file "Adobe_Player11.exe".
[image source: securitylabs.websense.com]

You must always remember that you should never download an Adobe Flash Player from any site other than Adobe.com. If you ever get a prompt as demonstrated in Figure 2 then you must Cancel the request and then perform a spyware or virus scan with an antivirus or antispyware program. Currently the infection from this particular malware found in spoofed Facebook messages offering a Dancing Girl video has not been fully identified by all anti-virus venders other than the file Adobe_Player11.exe (SHA1 70456cd86d458452ee172a791cf1b9cfaf944ef0)

Have you ever received a spoofed Facebook email message remotely similar to this one?

Tags: .
  • Benjamin Wright

    Valentino: The cavalcade of security risks at Facebook is remarkable. The risks are a threat to workplace-related computers. Employers/organizations thus have security as a reason to block social network sites. --Ben