In a sign of the ever-growing sophistication of online threats, a new Trojan program combining the Facebook and YouTube platforms and mimicking up to 16 different types of security software is creating havoc for unsuspecting social networkers.
The Trojan, dubbed Trojan.FakeAV.LVT, initially tricks Facebook users into believing that a video about them has been posted on YouTube.
When users click on the notification, they are taken to a page containing their name, as listed on their Facebook profile, as well as comments from their friends.
Then, when they try to watch the video, the Trojan prompts them to install an ‘updated version’ of the Flash player plugin. This download carries software capable of impersonating a variety of different security solutions.
The software tells the user to restart their computer, and upon doing so uninstalls the genuine security and begins using the PC to spread itself to other machines.
Catalin Cosoi, head of BitDefender’s anti-malware research lab, says the Trojan takes malware to a new level by presenting convincing scenarios at each of the stages in its process.
"The video looks and feels real as it contains your name in the title, as well as comments from your Facebook friends,” Cosoi says.
"Fake antivirus solutions used to be easy to spot, as they’re often completely different to the one that you have installed onto your system.
"However, Trojan.FakeAV.LVT is deceptively clever as it is capable of replicating almost any antivirus or online security software on the market today.”
Cosoi recommends always downloading updates from their own locations rather than via links in other sites to defend against attacks.