'Candy crush' addicts warned vs new survey scam

Here's another reason for addicts of the popular mobile game "Candy Crush Saga" to be careful in surfing for free lives  – the next site they visit may contain malware.

Security vendor ThreatTrack Security said one such site is a Tumblr blog being used to spam so-called “Profile Viewer” executables.

"The Tumblr in question is Candycrushsagafreelifes.tumblr.com. The site content will be familiar to most of you: 'Welcome to Profile Viewer,' with the claim that numerous people are looking at your profile. This one is a little different in that it contains a box filled with instructions, instead of the usual surveys," it said.

 http://www.threattracksecurity.com/it-blog/profile-viewer-executable-leads-to-browser-redirects-and-xpi-installs/

But visitors to the site will be greeted instead with a web page offering to insteall an app that claims to let them see who is viewing their Facebook profiles.

The site urged them to download ProfileViewersSetup.exe, which claims to a “Page Loaded Installer” from Facebook.

Once run, the installer will install an .xpi file that places “WhoViewS 5.2″, by “Crosk Safari” on Firefox.

On the other hand, it will cause Chrome to redirect to another fake Profile Viewer website, which "pop(s) some surveys in an effort to make some affiliate cash from anybody willing to hand over their personal information / phone number / anything else to the third party advertisers."

ThreatTrack Security said it has informed Mozilla about the .xpi install. — LBG, GMA News