Facebook’s immensely large user-base has made it the subject of viral attacks. More than being directed towards Facebook though, the attacks target its gullible users who’re often looking at things like finding out their Facebook friend’s password, sending them a notification when someone unfriends them or the people who viewed their Facebook Profile. A new threat seems to have been uncovered by a security research firm that could soon make its way to a number of systems.
Techcrunch is reporting that an unpublished report from LMNTRIX has identified a new variant of a Facebook Password Stealer. This software tempts you into setting it up by offering to provide you the passwords of your Facebook friends but instead sneaks in a trojan in your system which sends your own password to the application’s creators instead.
After being installed, the software, ironically titled Instant Karma, drops an executable in your system named spoolsvfax.exe which the security firm has identified as being a Trojan. This executable then runs in the background snooping around to see the information that you enter and sends it over the network. The threat seems to be targeting Windows users and while specific versions are not listed, it’s highly likely that the hack would work on all versions of Windows.
Security has become a hot topic of discussion in the tech community, with some even resorting to lapses in it to make a full-fledged living. Posing as hackers, these nefarious elements unleash a destructive virus called ransomware that holds the user’s system hostage, releasing it only when the requested payment is made. In May, countries around were hit by the WannaCry ransomware, with another termed Petya followed suit. Recently, HBO has been the victim of a cyber-attack in which hackers have stolen over 1.5 TB of info and demanded a significant amount of ransom in a rather dramatic fashion.
As always, if you come across a Facebook Password Stealer or any similar software providing you passwords of other users easily, don’t fall for it. For it is definitely a trap by the app to steal your own info and you’ll only be at the receiving end of some Instant Karma.