Hi (Rand) malware messages on Facebook today

Blog Topics

Hi (Rand) malware messages on Facebook today

by Robert McMillan, Security Blanket

Mon, 2009-06-29 17:55

Good thing the social engineering here sucks.

Facebook users are getting private messages from firends this morning containing the words Hi (Rand) and a link to a Web page.

Not surprisingly, this is a scam. In fact the link takes you to a Web site that attacks your computer.

Roger Thompson, Chief Research Officer with AVG Technologies say's the attack appears to be based on the Luckysploit toolkit, which throws a big whack of different attacks -- IE, Adobe, etc -- at your browser. If you're not fully patched, then it installs a rootkit on your PC.

I've seen a message that includes a link to the bulitre. com (don't go to these domains, they will attack you) and in Twitter messages Facebook users also mention the domain junfunrun . com. (which shares the same IP address)

Judging from the Twitter chatter, this looks low-volume right now, but it still sucks.

» read more from Robert McMillan | post a comment

Reader Feedback

Tue, 2009-06-30 11:33

Hi (Rand)

By Anonymous

Do I have to worry if I use a Mac and was foolish enough to press on the link

» Reply | Report as spam

Mon, 2009-06-29 23:11

any word on whether this

By Anonymous

any word on whether this affects windows and os x or just windows?

» Reply | Report as spam

Mon, 2009-06-29 21:55

hi(rand)

By Anonymous

i accidentally opened that message :S whatta heck ill do now???

» Reply | Report as spam

Post new comment

VIRTUAL CONFERENCE

Security Directions: A Virtual Conference

Available On Demand Sept. 30 - Dec. 30

Join us for a virtual event with candid, expert information on top security challenges and issues - all from the comfort of your desktop.

» Register Now

WEBCAST

Protecting PII: How to Work with IT to Manage Risk

Understand the critical nature of the test data privacy problem and get tips on how to work with IT to implement a test data privacy program.

» View this Webcast

Sponsored Links

Trend Micro ranked #1 against real-world malware. Read more.

64-page prescriptive guide to security, compliance, and IT operations.

Removing Barriers To Better Server Virtualization Efficiency

Mining for Gold: Cybercrime Prevention and the Role of Log Management

The Executive Guide to Data Loss Prevention

Organizations can spend up to 50% more on compliance efforts than necessary.

White Paper: A Security Blueprint Delivered From within the Network

Read the RSA report: Security for Business Innovation

Upgrading to VMware vSphere with vWire

Explore the increasing importance of log management as cybercrime threats grow.

The Tripwire HIPAA Solution: Meeting the Security Standards Set Forth in Section 164

Implementing Best Practices for Web 2.0 Security

Five Ways to Reduce Your IT Audit Burden