Researchers Find Trojan Using Facebook

ID THREATPOST:117FCB356872BDA53112A34C674C819C
Type threatpost
Reporter Donald Sears
Modified 2018-08-15T14:17:24


Researchers at Symantec have discovered a trojan that uses Facebook to communicate with a control and command server. Dubbed “whitewell” this malware spreads via email, contacts the mobile version of Facebook and uses its Notes section to perform actions based on the Notes titles. Andrea Lelli wrote on the Symantec Security Response blog that Web server urls can be embedded in the Notes and be controlled. Other commands recognized in the title have executable links or can have the trojan wait. The trojan is not using flaws or exploits, but “standard Facebook functionality” in a targeted attack. Read the full article. [eWEEK]