Trust is vital, and cybercriminals know that there’s a higher probability that you will click on a link sent by a trusted friend, not from a complete stranger.

Yesterday, one of my Facebook friends sent me a direct message indicating that his host has been compromised, and is currently being used to send links to a malicious .zip archive through direct messages to all of his Facebook friends.

More details:

Sample screenshot of the spamvertised direct download link:

Same compromised direct URLs used in the direct messages:

All of these redirect to hxxp:// – – AS8560 where the user is exposed to a direct download link of

Detection rate: MD5: dfe23ad3d50c1cf45ff222842c7551ae – detected by 20 out of 43 antivirus scanners as Trojan.Win32.Bublik.iez; Worm:Win32/Slenfbot

Webroot SecureAnywhere users are proactively protected from these threats.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on  Twitter.

Blog Staff

About the Author

Blog Staff

The Webroot blog offers expert insights and analysis into the latest cybersecurity trends. Whether you’re a home or business user, we’re dedicated to giving you the awareness and knowledge needed to stay ahead of today’s cyber threats.

Share This