Monday, June 16, 2008

if your security has been compromised...

a handful of my friends have had their facebook/msn accounts compromised thus far. this results in url spam being sent from their accounts, with links to websites that further infect the people who click on them. it's some sort of social engineering tactic employed by these trojans.

my first advice to them (although i'm not sure yet how effective this can be) is this: change your password. it's sure as hell the simplest thing to do (regardless of the account type) and given the mechanics i'm guessing the virus is built upon, this should stymie the actions available to the intruder.

my best guess is that the intruder's logic follows these steps:
1) collect and gain access to accounts of strangers through social engineering
2) "spread the word" to acquire the friends of these people
3) the logic should then "phone home" at the first trigger
4) this should notify the intruder of the compromised account login details
5) the login credentials are stored centrally
6) another program then routinely spams via accessing these compromised accounts

that said, it's possible that the above can be stopped (albeit temporarily in certain cases) by simply changing your password, thereby preventing the account from being penetrated again.

sure, they could have changed your password, but the intruder would not want to do that, as they'd rather you not detect that your account has been compromised at all. and doing so might easily alert the authorities if done en masse.
