Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    September 2014
    S M T W T F S
    « Aug    
     123456
    78910111213
    14151617181920
    21222324252627
    282930  
  • About Us

    Advanced threats researcher Jonell Baltazar recently spotted an instant message that contains a link to a malicious page.

    Click

    The use of instant messages to spread malware is no longer new; neither is the use of URL shorteners. What is somewhat unusual is how these URL shorteners were used.

    The URL shortener used in this attack, ow.ly, shortens long URLs using the format http://ow.ly/(5 alphanumeric characters). Note that the spammed URL was padded with the query string ?=www.facebook.com/photo.php. This can lead users to believe that they are going to a Facebook page to see a picture, as the instant message says. Unwitting users, failing to see the entire URL, are led to believe that they will land on a Facebook page instead of a malicious page.

    Users should always exercise caution in clicking strange links, regardless of source—social media, email messages, or instant messages.

    The malicious link downloads a worm detected by Trend Micro as WORM_YIMBOT.A. Smart Protection NetworkTM already protects Trend Micro product users from this attack. In addition, the site the shortened link targets has also been blocked.





    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon






     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice