On February 18th we conducted an analysis on a malicious application which through social engineering, deceived Facebook users to grant enough privileges in order to obtain personal information, post in their wall and continue the spreading.

So far, the use of this social network has been extended greatly and some users know better than others how to carry out the privacy configuration of their account or how to eliminate, block or restrict access to some information, to applications that abound in Facebook, unfortunately, they are not the most.

Yesterday, we received a notification about an email which downloads, installs or executes a malicious file that behaves like a bot. This email is, allegedly sent by TuParada.com page team and invites to the receiver to see a postal that someone, apparently, has sent it.

Yesterday we received notice of a series of emails that are spreading malware through a campaign of scam related to the Tsunami in Japan. 

Yesterday we received a notification about a malicious link, which is spread on Messenger. This link pretends that the victim clicks on it to see an alleged image from Facebook, also, at the end of the link appears the receiver's email.

It was reported to UNAM – CERT about an alleged malware which spread by means of an alleged email from Gusanito and it suggests to the victim to click on a link to see a postal.

The email is an image containing a link which redirects to the site xxxxxx.com/images/Ver.php,  the image is taken there in the url xxxxx.com/dreams/Postales/gus.jpg. 

Yesterday, we received a notification from a user about certain links which are distributing malware through Facebook chat. These links are referring to a photo and have the objective of cheating users when clicking on them.

It was reported to UNAM – CERT about a malicious file spread by alleged notes from El Universal. The article describes the supposed rape of singer Kalimba in a jail cell where he is at this moment.

The site www.soccerluck.com/xxxxxxxxx/001.SWF downloads a malicious file .exe, this site is hosted in the state of New York, USA.

Yesterday, in the website seguridad.unam.mx was published a note (http://www.seguridad.unam.mx/noticias/?noti=4285) that refers to a worm spreading in Twitter, which uses the Google service goo.gl, to shorten links, it redirected the user to several sites, where through the website (m28sx.html), it can be downloaded a fake antivirus.

It is no wonder, but this year started with a common problem in 2010: malicious code spreading through instant message, in this case, through Microsoft Windows Live Messenger.

.

This is the message: