New FTLog.A worm spreads through Fotolog social networking website, reports PandaLabs
02/25/2010

Fotolog is a photo-blogging site with almost 30 million users worldwide. The worm tricks users with a video that conceals the dangerous worm

Online PR News – 25-February-2010 – – PandaLabs has reported the appearance of a new worm, FTLog.A, which spreads through the popular Fotolog social networking site. This foto-blogging portal is used by almost 30 million users around the world.

The worm spreads by inserting comments in the targeted user’s page prompting them to click a link, supposedly pointing to a video. This comment reads as follows (see image in Flickr: http://www.flickr.com/photos/panda_security/4384612808/):

“hey xxxxxxxxx, encontré este video tuyo acá (hey xxxxxxxxx (user name), I found a video of you here

(Malicious link)

Eres tu no es verdad? (It’s you, isn’t it?)

If the user clicks the link, the system will ask for permission to download a divx video codec, which is actually the worm (see image in Flickr http://www.flickr.com/photos/panda_security/4384612850/).

Once installed, FTLog.A redirects the browser to a site with explicit content and a Web page that asks users for their data in order to claim a (false) prize (see image in Flickr http://www.flickr.com/photos/panda_security/4384612782/). If the user clicks Get Free Access a setup.exe file is downloaded which, once run, installs the MediaPass Plugin.

It also changes the Internet home page and injects code into the browser to display pop-up ads, disrupting the user’s browsing experience.

“Cyber-crooks are increasingly exploiting social networking sites to spread their creations as they offer a huge number of potential victims”, explains Luis Corrons, Technical Director of PandaLabs. “We have already seen malicious code that exploits Facebook or Twitter. This time it is Fotolog’s turn unfortunately”.

To prevent this type of infection it is important to remind users not to click suspicious links from unknown senders and keep an up-to-date antivirus solution installed on their computers.
More information available at the Panda Security Encyclopedia (http://www.pandasecurity.com/homeusers/security-info/about-malware/encyclopedia/).

About PandaLabs
Since 1990, its mission has been to detect and eliminate new threats as rapidly as possible to offer our clients maximum security. To do so, PandaLabs has an innovative automated system that analyzes and classifies thousands of new samples a day and returns automatic verdicts (malware or goodware). This system is the basis of collective intelligence, Panda Security’s new security model which can even detect malware that has evaded other security solutions.
Currently, 99.4% of malware detected by PandaLabs is analyzed through this system of collective intelligence. This is complemented through the work of several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc), who work 24/7 to provide global coverage. This translates into more secure, simpler and more resource-friendly solutions for clients.
More information is available in the PandaLabs blog: http://www.pandalabs.com

For more information:
communication@pandasecurity.com
Tel. +34 91 806 37 00