Malicious links Facebook – Part 3

Malicious links Facebook – Part 3
Spread the love

Malicious links Facebook – Part 3

 

Ways to spread malicious links to Facebook in the previous two parts Malicious links Facebook – Part 1 and Malicious links Facebook – Part 2 We talked about a set of ways in which malicious links spread on user accounts via social networking sites and Facebook in particular.

 

Now we will learn about new methods of exploitation and deception that lead to the spread of these types of ties.

There is a kind of malicious link that spreads in the form of videos that entice people to watch them, such as porn videos or other videos. Whereas, when a person clicks on a video or link, he is converted to a fake Facebook page.

 

It will appear to the person that he or she must post the video (share it to friends) in order to be able to view the video. After he shares it (in order to appear to friends), he is transferred to a forged page on a site similar to YouTube, the shape of which will be filled with the following image, so that he requests him to install an add-on for the browser.

 

This addition is either a malicious program to spy on it and on its device, or it is a malicious program called Adware, which is programs that show ads in the form of windows and others whenever you open the browser and the goal is to be a financial and profit goal.

 

Sixth type:

There is a type very similar to the previous type, but the difference is only that it requires you to answer a set of personal and general questions in the form of a questionnaire and does not ask you to install or download any addition to play the video, as in the following image:

 

The aim of this type is a highly profitable goal, in which the fraudsters who publish such malicious links are in agreement with the authorities responsible for such surveys. And every time a referendum is completed, a sum of money will be paid to the fraudsters on their part.
Seventh type:

Some malicious links, and once you click on them, will direct you to a fake page from YouTube as before, this page informs you that the Adobe Flash Player extension is not updated to the latest update.

Until now, things are similar to the previous one, but by clicking on the update button, a malicious executable file is downloaded to the device. This file adds itself to programs that run automatically when the device is restarted.

This file executes a CSRF attack, which requests the access token via the following code:

As we talked previously, obtaining the user’s access code means that you can use his account just as you are 🙂 … of course, depending on the authorities.

 

Malware Analysis Tools

Malicious links Facebook – Part 2

Malware Analysis Tools

mmker

I'm a Computer Engineer Information Technology fields, specially in Info-sec field. Also, i'm freelance instructor in Ethical Hacking, Secure Web Development, Penetration Testing and Security Awareness. I have the following certificates : CEH, CHFI, ECSA, LPT Master, & ISO 27001 LI.

Leave a Reply

Your email address will not be published. Required fields are marked *

thirteen − one =