Facebook users warned vs performance 'hacks' and scams 

Users of social networking site Facebook were warned Wednesday night against a supposed tool that can extract Facebook passwords.

 

Security vendor Trend Micro said the tool appears to be a software installer that drops a malicious file into a victim's machine.

 

"Once installed, it displays a window that requires users to encode the email address or Facebook ID of their target Facebook account... To appear legitimate, the program even shows a window to indicate that the request is in progress. After 2-5 minutes, it informs users that the desired password has been found," it said in a blog post.

 

But to acquire the supposed password, users must purchase a product key, which costs US$29.99.

 

Once the users fork out the amount, they are reverted to a site where they are again required to encode the email address or Facebook ID.

 

With the key already provided, the program now shows the supposed passwords.

 

However, Trend Micro pointed out the program will be useless if the password is not already stored on the target computer.

 

"The program downloaded and used a free third party application, designed to recover and display saved passwords in the users’ local browser cache. Thus, the retrieval of the credentials will only work for users who have passwords stored in their systems. The said third party app is a legitimate password recovery, but was used maliciously in this attack," it said.

 

Trend Micro said its products detect the rogue program as SPYW_FAKEHACK, while the dropped file “Toolbar.exe” as ADW_PLUGIN.

 

Also, Trend Micro warned against a separate threat that drops a malicious file detected as TROJ_VBINJECT.XG, which is a keylogger.

 

"Some Internet users may be lured into downloading these tools, as they promise access to someone’s Facebook password without the their consent. Luckily, instead of the actual password, users who download these hacking tools acquire a different password and ends up paying for a bogus service," it said.

 

SOPA-related survey scam

 

Meanwhile, Trend Micro also noted several suspicious wall posts on Facebook that leverage the controversial Stop Online Piracy Act (SOPA) bill.

 

Users who click the links contained on these wall posts are directed to another site and ultimately land on a survey scam page.

 

"This attack is your average clickjacking attack that leads users to survey scams, with affected users spamming the same malicious wall posts to their Facebook contacts," it said. — TJD, GMA News