There’s a new Trojan transmitting via Facebook of which users should be aware.
The malware software is called LillyJade, and is available for download at underground websites. When a hacker downloads the program, they can modify it to meet their needs. They then release it as a browser plug-in (software that adds functions, e.g., the ability to automatically translate a website), to your browser. It transmits itself by sending messages to an infected user’s Facebook friends with a link encouraging them to download the plug-in.
At this time, the purpose of the malware appears to be to conduct “click fraud.” It shows fake ads on sites like Facebook, Yahoo and MSN. These ads are usually pay-per-click, which means that any time an infected user clicks on one of these fake ads, the hacker gets paid.
There are two interesting things about this program. The first is that it infects browsers, not systems. This makes it nearly undetectable to virus scanners, which scan for infected files on your computer’s hard drive. The second is that the program can be modified to run on nearly any browser regardless of the operating system.
Tips to avoid being infected
Here are four tips on how to minimize the chance of being infected by malware like this.
- Keep your browser(s) up-to-date.
- Don’t click on suspicious links.
- If a friend messages you with a link, encouraging you to click on it, verify with them that they sent the link.
- Don’t install browser plug-ins, unless you’re sure they’re from a vetted source.
As with any malware threat, proper preventative measures will normally be enough to ensure that your system is safe. If you’re unsure if your system is secure, or would like to implement more robust security measures, please contact us. We have a solution for you.