Massive Facebook Malware campaign which you need to know about!

Have mercy on the unaware Facebook users. Hackers have launched a massive Facebook malware campaign which is using automated “leaked videos” messages to lure unaware Facebook users to the malicious website which is hosted on hxxp://chraksadqw.blogspot.nl/.

The campaign is using names of famous people and it has been setup in such a way that it will include a picture of the “famous person”.

Once the unaware user clicks on the malicious Facebook campaign link, the user will be redirected to hxxp://chraksadqw.blogspot.nl/. Once the victim lands on the malicious website, the user will be prompted to download a malicious file which will claim to be a video or a video codec.

malicious facebook virus
malicious facebook virus

The Facebook campaign is using the following automated messages, please be aware that we do not have ALL the names of the automated campaigns:

  • Anjali Sudhanshu private leaked
  • Davit Odikadze private leaked
  • Giorgi Akobia private leaked
  • Lika Kurtanidze private leaked
  • Aman Ullah private leaked
  • Sk Shrivastava private leaked
  • Nika Nika private leaked
  • Zura Baxia private leaked
  • Roshani Toshniwal private leaked
  • Daniel Abing private leaked
  • Hama Maàmri private leaked

URL Details

URL
nudecelebritiesleak.blogspot.com/

Domains connected by the Malicious Facebook campaign

Please do not that not all the domains which are listed below are malicious. This is just a connection list.

Domain IP
nudecelebritiesleak.blogspot.com 173.194.66.132
nudecelebritiesleak.blogspot.nl 173.194.66.132
www.blogger.com 173.194.66.191
apis.google.com 173.194.66.100
themes.googleusercontent.com 173.194.66.132
w.sharethis.com 95.100.97.35
pagead2.googlesyndication.com 173.194.66.155
googleads.g.doubleclick.net 173.194.66.154

The malicious website, tries to install a malicious application on the computer of the victim. We have scanned the dropped package with VirusTotal, so the antivirus companies will be able to detect the Facebook campaign. You can view the virustotal results here.

Facebook campaign virus
Facebook campaign virus

If you think that you have been infected by the malicious Facebook campaign. Then I urge you to run an anti-virus scan on your computer. The antivirus scanners are able to identify and remove this Facebook campaign.