By Mark Sutton
New worm targeting Facebook uses Google Reader to make links appear legitimate
Security company Fortinet is warning of yet another worm that targets Facebook users.
The new worm is a variation on attacks that started during the Summer , which appear as messages from a friend which appear to direct the user to video, but actual send the user to a malicious download site.
The new version of the attack appears as a message received from an infected friend, which again directs to an online video. The link then directs to a page on Google Reader, Google’s news reader service, with the apparent intention of making the unsuspecting user believe that as the video appears to be hosted on Google, the site is safe.
If the user clicks the link, they will be prompted to install a video codec, which is actually a Trojan carrying malware.
Fortinet said that appears that criminals had registered Google Reader accounts, either manually, or automatically via phishing operations or automated CAPTCHA solvers, in order to load them with malicious links.
The company advises that its customers using Fortinet antivirus and Web content filtering services should be protected. Fortinet also warns users to beware of messages with links in them, even if they appear to be from a friend or contact, and to avoid any messages that prompt the user to install new software or executables.