How to remove malicious Facebook applications?

On February 18th we conducted an analysis on a malicious application which through social engineering, deceived Facebook users to grant enough privileges in order to obtain personal information, post in their wall and continue the spreading.

So far, the use of this social network has been extended greatly and some users know better than others how to carry out the privacy configuration of their account or how to eliminate, block or restrict access to some information, to applications that abound in Facebook, unfortunately, they are not the most.


Malicious applets that spread malware

Yesterday, we received a notification about an email which downloads, installs or executes a malicious file that behaves like a bot. This email is, allegedly sent by page team and invites to the receiver to see a postal that someone, apparently, has sent it.




Phishing of Mexican banks

Yesterday we received notice of a series of emails that are spreading malware through a campaign of scam related to the Tsunami in Japan. 



Bots that use Messenger and Facebook for their spreading

Yesterday we received a notification about a malicious link, which is spread on Messenger. This link pretends that the victim clicks on it to see an alleged image from Facebook, also, at the end of the link appears the receiver's email.


Scam campaign through apps on Facebook


Fake email of Gusanito postals spreads botnets

It was reported to UNAM – CERT about an alleged malware which spread by means of an alleged email from Gusanito and it suggests to the victim to click on a link to see a postal.

The email is an image containing a link which redirects to the site,  the image is taken there in the url 


Zombies through Facebook

Yesterday, we received a notification from a user about certain links which are distributing malware through Facebook chat. These links are referring to a photo and have the objective of cheating users when clicking on them.


Video: Kalimba was abused by an agent, it spreads Pharming attack

It was reported to UNAM – CERT about a malicious file spread by alleged notes from El Universal. The article describes the supposed rape of singer Kalimba in a jail cell where he is at this moment.

Correo electrónico

The site downloads a malicious file .exe, this site is hosted in the state of New York, USA.


Twitter worm strikes and redirects to a fake antivirus

Yesterday, in the website was published a note ( that refers to a worm spreading in Twitter, which uses the Google service, to shorten links, it redirected the user to several sites, where through the website (m28sx.html), it can be downloaded a fake antivirus.



Bots spreading continues on messenger

It is no wonder, but this year started with a common problem in 2010: malicious code spreading through instant message, in this case, through Microsoft Windows Live Messenger.


This is the message: