Beware! Hackers are using Facebook Messenger to Spread Locky Ransomware



Have you came across any Facebook Message with an image file of .SVG file format ? If not then you are lucky and if you received it then avoid clicking it.

If clicked, the file would eventually infect your PC with the nasty Locky Ransomware, a family of malware. In a short period of time, Locky has become one of the favorite ransomware tools of spammers. It usually spreads via spam emails with a disguised downloader.

This attack was first discovered by malware researcher Bart Blaze. Surprisingly, the malware manages to bypass Facebook’s file extension filter.

But Why SVG File Format ?


The answer is simple. SVG files have the ability to contain embedded content such as javascript which can be opened in the browser directly.

So hackers have added a JavaScript code inside the image file which redirects you to a malicious website mimicking YouTube.Then the site push a popup, asking you to download and install a certain codec extension in Google Chrome in order to view the video. The malicious extension used two names, Ubo and One.



Once installed, the extension gives the attackers ability to alter your data regarding websites they visit, as well as takes advantage of browser's access to your Facebook account in order to secretly message all your Facebook friends with the same SVG image file.

The worst thing here is that according to a malware researcher, the SVG file redirects to a malicious website which downloads a copy of Locky ransomeware on the victim's PC.
In case if you dont know what is a ransomeware. A  Ransomware is actually a  type of malware that prevents or limits users from accessing their system, either by locking the system's screen or by locking the users' files unless a good amount of money is paid to the attacker.

Locky ransomware is one of the most popular ransomware that locks all files on a victim's computer with RSA-2048 and AES-1024 encryption algorithms and unlocks them until the ransom is paid to attackers.

Remove the malicious extension immediately


If you are one of those who have already  installed one of the two malicious extensions, you can remove it by doing the following.

To remove the extension, just go to Menu → More Tools → Extensions and check for the extension and remove it.

Here's how to stop Facebook from secretly listening your conversation

Facebook is  using people’s smartphones to listen to what they say. But don't worry, here is an easy solution to stop it


It seems like Facebook have decided to take their advertisement service to the next level. We are already familiar with news that says that Facebook now tracks you even if you don't have an account or even if you have logged out of your account. There's nowhere to hide across the web, especially from the marketing and advertising companies.

Sounds scary right ? Well there is more to it. Facebook now uses people's phone mic to listen to conversation. Yes you heard it right.

Professor Kelli Burns has accused the social networking giant of listening to mobile phone audio of users through one of its features that are only available in the US. Prof. Burns teaches Mass Communications at the University of South Florida and he has managed to open a Pandora’s Box by suggesting that Facebook app might have been prying over unsuspecting users.

Professor Burns has said that the tool appears to be using the audio it gathers not simply to help out users, but might be doing so to listen in to discussions and serve them with relevant advertising. She says that to test the feature, she discussed certain topics around the phone and then found that the site appeared to show relevant ads.

Prof. Burns also proved this by enabling microphone feature on her mobile phone and spoke that she would like to go on a safari: “I’m really interested in going on an African safari. I think it’d be wonderful to ride in one of those jeeps.

Within 60 seconds there appeared a post on her Facebook feed about a safari story, which was posted around three hours before.



But according to the social network’s spokesperson: “Facebook does not use microphone audio to inform advertising or News Feed stories in any way. Businesses are able to serve relevant ads based on people’s interests and other demographic information, but not through the audio collection.”

This feature was introduced in 2014, around two years back and it is being purported by Facebook that it never “always” listens to or stores “raw audio” at all, but it does listens.

Here is how you can stop facebook from listening via your phone's mic


You can easily turn off the microphone on your mobile phone and if you do so, Facebook won’t be able to turn it on even if it wanted to. 


If you use iPhone, turn off microphone by following this pattern:

Settings> Privacy> Microphone.

If you are an Android users , you need to do this:

Settings> Privacy> Facebook> Permissions.

Beware, Fake Facebook Apps could serve up malware or steal your personal information



Most of the time we see our friends use various Facebook apps like 'top 5 friends', 'Your crush', 'people who have visited you profile' etc. Sometime these apps are fun and sometime quiet annoying too.

We use these apps just for fun and once we get the result we often forget about it. But have you ever wondered why someone out there spent lots of time create the app ? That too without any profit ? Well there are many profits.

Why These apps are created?

1. To earn money from ads

Whenever we try these apps, we are redirected to their websites which most of the times are filled with multiple ads. This is one of the main reason why these apps are made. These apps developers want users to go to the site so that they earn from the ads that are present in their site.

2. Earn money from affiliate

Also these sites are filled with affiliates as they know the interest of the visitors so they can easily sell target based products and earn from it.Affiliate marketing is the process of earning a commission by promoting other people's (or company's) products. You find a product you like, promote it to others, and earn a piece of the profit for each sale that you make.

3. Steal your personal information


This apps are mainly used to steal personal information. Whenever you try these apps they will ask for authorization which looks something like this.


Now most of the time they ask for little permission which are not actually required and giving them these permission can be very dangerous. For example if an app asks permission to access your inbox, it can be very dangerous as they can read all your messages and can also send messages on your behalf.

4. Spread malware


Once these apps get permissions like 'they can post on your behalf', 'they can comment on your behalf', these apps starts too spam with the help of your account. You might have seen in the comment section of some popular pages which are filled with recharge site links. These comments are actually done by these apps via user's account.

How to protect yourself from these apps?



There are many apps available which promises to do fancy stuffs. Always be careful while giving permissions to such apps. If an app requires permission to access your inbox, albums, phone number, status update, chances are there that its a fake app and they are just collection information about you and will use your account to spam others. Never use 3rd party apps which are not required.

But if you are already affected by any of such apps then follow these steps to recover your account.

 1. Go to your account and click on settings




2. Now click on the apps option present on the left side of the page.


3. Now you will get the list of all apps that you are using. Remove the apps which you are not familiar with.

 
Once you’ve removed the app or game, it should no longer post to your Timeline. If you still see a past story, you can remove it manually.

As an added security measure, you should also change your password and do a quick scan of your computer with a reputable up-to-date anti-virus solution just to make sure the app didn't leave any other baddies on your machine.

Conclusion


Facebook apps are great, they can make most of the work easy for us but many people are using these feature for a wrong purpose so we need to be very careful while using these apps. Also most of the time we use unnecessary apps. If you want to know who are your best friends you don't need any Facebook app to tell you that, do you ? Just go out and talk to your friends you will know it your self. Do you really need to use an app to know who is your crush ? I don't think so. Always use apps which are made by trusted sources.




 


Here is how and why Angaraag Mahanta's official Facebook Page was Hacked



On 23rd January I woke up in the morning and as usual I was scrolling through my facebook feeds. I saw few spammy links getting shared from the official facebook page of Angaraag Mahanta. For those of you who don't know,  Angarag Mahanta, known by his nickname Papon, is an Indian singer, composer and record producer from Assam. He is the lead singer and founder of the folk-fusion band called Papon and The East India Company. He recently won Best bollywood playback singer for the song "Moh Moh Ke Dhage" – Dum Laga Ke Haisha.

At first I thought why would he shared such links? and when I saw that few more links of the same website is getting shared, I was sure that either his page got hacked or it was infected by some malicious app.


Few hours later and more links of the same domain ( laughwithvoice.com ) were getting shared. The situation was getting worse as mostly NSFW contents were getting shared.

Here are few of the post which were shared on the page.





So I reached out to Angaraag Mahanta to know what exactly is happening. It turns out that I was right. His facebook page got hacked and the hacker removed Papon from being the page admin.

Here is the tweet that he made after his page got hacked.


How The Account Was Hacked ?


The hacker did a phishing attack to get the email ID and Password of the personal facebook account that was used by Angaraag Mahanta. 

Phishing is a form of attack in which the attacker tries to get information such as login credentials or account information by masquerading as a reputable entity or person in email, IM or other communication channels. Typically a victim receives a message that appears to have been sent by a known contact or organization. An attachment or links in the message may direct them to a malicious website set up to trick them into divulging personal and financial information, such as passwords, account IDs or credit card details. 

Generally in phishing attack, the attacker makes a fake login page which looks exactly same as a legitimate one, only the URL of the page differs. The only way to know if the page is a genuine one or fake is is by looking at the URL.

But here the case was different. Here the attacker did not create a login page in some other URL. To make it look more genuine, the hacker created a facebook app and hosted the phishing page inside it. So the link appeared as http://www.apps.facebook.com/xxxxxxxxxx

After looking at this link, most of the people will be convinced that its genuine and not a fake one.

Here is the phishing page that was used to get the email and Password of Angaraag Mahanta.



As you can see it is a well crafted phishing page and a non technical person can never make out that its a phishing page.

Why The account was Hacked ?


The account was hacked mainly for profit and earning money. After his page was compromised, many news channels thought that may be some rivals of him might have done it. But I have a different theory.

Even After getting full access to the page, the hacker did not write anything against him on the page. All he did was, shared links of a particular site ( laughwithvoice.com ) . According to me, The sole purpose of the hacker was to make money from the traffic that he would get from the page. Angaraag Mahanta's facebook page have a huge number of active followers and anything that he shares gets thousands of likes and shares. The hacker wanted to take the advantage of that.

After looking at the WHOIS record of the site ( laughwithvoice.com ), we get to know that the site was created on 21st January. The hacker added a adsense account to it which means that he would earn from each visit that he gets on the site. Next the hacker wanted lots of traffics on his site so that he can earn. So he targeted Angaraag Mahanta's facebook page and managed to grab a lot. (I think)


As the hacker removed the admin from the page so it took us some time to get it back . We contacted Facebook Head Office regarding this and after working for 2 days  I was able to get back the page  on 25th January night and secure it. 

Once we got admin rights , I was inside the page and I saw that the hacker made almost 15 schedule post on the page. I removed all of those and also made changes on the page and secured it.

On 26th January Angaraag Mahanta made a post and thanked me for helping him recover the page.


Hello people! Happy to announce that after 4 frustrating days of crazy links posted on my page and multiple attempts...
Posted by Angaraag PAPON Mahanta on Monday, 25 January 2016

He met me on 31st january, at Rongali . He is such a humble person. I am happy I was able to help him.

Me and my friend with Papon Da

Final Words


The hacker calculated a lot before he carried out the attack. The website ( laughwithvoice.com ) was created 2 days prior to the attack and the hacker made the WHOIS record as private so that it become hard to trace. also since the website was new, there were no previous records of the site on the net.

Facebook page managers of celebrities should be very careful while clicking on suspicious links as most of the cyber criminals and fraudsters target such popular pages.

This flaw in Facebook allows anyone to manipulate the life event of any user



A minor yet interesting bug has been discovered by a security researcher which can be used to  manipulate the life event of any user who has his work status posted on Facebook. Although the bug, uncovered by the independent hacker Sachin Thakuri, is not a technical flaw but it can use to fool people into believing some fake news.

In the proof of concept he manipulated the life event of Mark Zuckerberg.

Here’s the original URL of Mark Zuckerberg’s original life event which says "Started Working at Facebook". and here is the  Manipulated URL which says "Left Job at Facebook"

 So how was he able to do this?


All Thakuri did is took the original URL of Mark Zuckerberg life event:
 https://www.facebook.com/zuck/timeline/story?ut=32&wstart=-2051193600&wend=2147483647& hash=971179541251&pagefilter=3&ustart=1&__mref=message_bubble
..and remove the ustart=1 parameter, which left him with
https://www.facebook.com/zuck/timeline/story?ut=32&wstart=-2051193600&wend=2147483647&hash= 971179541251&pagefilter=3&&__mref=message_bubble

As the flaw is not yet fixed, I tried to replicate the same in one of my friend's life event.


Here is the original life event post made my friend.

Original life event

And here is the fake life event made by me by manipulating the URL

Manipulated life event



 Thakuri reported this bug to the Facebook security team, but the bug has not been fixed as of yet. Even though this is not a serious or privacy flaw but the gravity of the issue is that on a client side the post appears to come from a valid user and there is no way to figure out that the post has been manipulated and has not been posted by a user.

This can be dangerous as it could be used maliciously by some people in order to fool victims into believing that someone has quit his or her job.

Facebook Will Now Notify You If government is Spying on You



Do you fear that  some suspicious activity is going on in  your Facebook account? Well, many of you would be aware of the fact that Facebook account hacking using phishing scams is on the rise these days. But the good news is that Facebook has just announced a very important thing about its platform. Now the social network will inform users if it believes that the account has been compromised by a government agency for snooping purpose.

Facebook now recommends users to turn ON "Login Approvals," so that their Facebook accounts can only be accessed using stronger two-factor authentication.

“The security of people’s accounts is paramount at Facebook, which is why we constantly monitor for potentially malicious activity and offer many options to proactively secure your account,” Facebook writes in an official blog.

But the important question that arises here is :

How exactly does the social network know that an account is being targeted by a government-sponsored hacker?


As of now Facebook has not disclosed how it would be able to differentiate between accounts compromised by a nation-state's hacker and smaller-scale attacker, saying that it has to "protect the integrity" of its methods and processes.

Facebook confirms that this notification does not indicate the whole social networking platform was compromised. It is only related to specific user’s account receiving notification.

Lets hope you never get this notification but in case you do, then take the matter seriously.


Facebook Moments App Sends Your Images From Camera Roll With Facial Recognition


Facebook Moments App Sends Your Images From Camera Roll With Facial Recognition

Many people do not upload the photos from the camera rolls in their mobile devices because the process of syncing photos to the cloud, creating albums and sharing the albums with others can be a great privacy risk among users   ( we all know about the iCloud disaster ) .

A new photo-sharing application has been released by Facebook this week called Moments. This app utilizes facial recognition technology to tag and send your pictures from your private camera roll.

Facebook says the following regarding the Moment app :

“Syncing photos with the Moments app is a private way to give photos to friends and get the photos you didn’t take. Moments groups the photos on your phone based on when they were taken and, using facial recognition technology, which friends are in them. You can then privately sync those photos quickly and easily with specific friends.”
The use of facial recognition tools can prove to be a privacy disaster and  it has already created concerns about privacy issues and caused problems for Facebook.


In Europe, the launch of the app has been suspended indefinitely, precisely because of its facial recognition tool that allows your Facebook friends to be identified.

Read :   Bypass Facebook Link Detection


Many users are not happy with the Facial recognition  since every taken picture will automatically be sent to your Private folder present on the app. This means, you will have to take some extra steps to finally share it publicly.

 Here’s how it works:



Your Hidden Facebook Photos Aren’t So Hidden



PictureMate ( initially picturebook)  is an extension for Google Chrome that lets you view hidden photos of your “friends” and your “friends” yours. Indeed, to the extent you can see the pictures of people who have not even added as friends on facebook. It means Users don’t have to be friends for PictureMate to work; you just install it and click when you’re looking at someone’s profile.

According to report PictureMate is rolled out as a Chrome extension on Monday. It’s the effort of Steven Goh, the developer behind the Javelin Browser for Android. The extension promises to “unblock and search for hidden pictures of anyone in Facebook.”

Say a friend tags you in an embarrassing photo. You can make it go away by selecting “hide from my timeline.” But this only stops people from viewing the photo within your timeline; it doesn’t in fact remove or block the photo in any way. If the photo’s privacy setting was set to “public”, anyone could have found it anyway.

Other users will still be able to see the photo by visiting your friend’s timeline, or simply by searching for it. PictureMate takes benefit of this loophole and surfaces photos you’ve been tagged in, in spite of of whether you’ve hidden them.

How to fix it:


  •  The only way to really hide your hidden photos from this tool is by untagging yourself. First, select “hidden from timeline” from the drop down menu under the photo’s date.
  • From there, select “Report/remove tag” from the popup window that appears
  • Then select “remove tag.”

This removes the tag, which will stop photos from showing on your timeline, or on the Picturebook extension.

How to verify multiple facebook accounts by same mobile number



Facebook is one of the most popular social networking site today. Millions of people daily visit the site to check whats happening around them. According to many surveys, more than 20% of facebook accounts are fake. and in order to minimize it facebook added the mobile number verification option where user need to enter their mobile number to verify that their account is genuine.

This post shows a trick using which one can verify multiple accounts using same mobile number.

Do the following to verify two accounts with the same mobile number.

  1. First verify both profile by email.
  2. Now deactivate any one of the account ( account setting > security > deactivate account )
  3. Now login with the second profile and verify it with the mobile number and deactivate it.
  4. Now login to the first account which you deactivated earlier and verify it with the same number.
  5. Now reactivate the second account.

Now both of your accounts are verified with the same mobile number.

Facebook - Faceing Lawsuit For 'Harvesting' Private Messages


Facebook faces class-action lawsuit in Canada for allegedly intercepting private message of its users of social network.

The private messages were “harvested” by Facebook in violation of its ‘users’ privacy, without their knowledge. This was been said on Wednesday by Rochon Genova, the law firm representing the users. 

Facebook did not disclose to users that their private messages would be intercepted and scanned, and all the contents of those messages treated as “likes” for third-party sites through the social plug-in function, according to the law firm.

The class-action lawsuit in Ontario includes all Canadian resident Facebook users who sent or received their private messages containing URLs up to October 2012. There are more than 18 million Facebook users in Canada and around three-quarters of them log on to Facebook at least once a day.
The company is already facing similar lawsuits in the US for alleged interception and scanning of the content of private messages.

Check Pending Request On Facebook



Hello everyone today I am going to share a trick by which you can check the pending friend request on facebook. The best thing about the trick is that once you know the person who have not accepted your friend request then you can cancel the friend request so that you don't get blocked by Facebook for having a lot of friend request.

Security Measures in Internet Cafe



Most of us visit Internet cafes often as it is often faster than our home internet connection so we often go for downloading HD videos , Songs etc, also many people go to internet cafe for official purposes. There they transfer money from their bank accounts, Check mails and do different activities. Here the question arises that is Internet cafes safe? Well sadly the answer is no. Most of the cafes are infected.

You sit down, struggle with the broken keyboard in an internet cafe to email a few friends, pay and leave. And after few days when you try to sign in you see that someone changed your password !

Secure Your online Conversation



These days most of our conversation happens online.We use social networking sites like Facebook, Twitter and also many messaging service like hangout, Yahoo messanger etc.Using these sites we often send sensitive information like phone numbers, Physical address, Credit card details and private photos to our friends and family members.

Monitoring A PC With Gecko Monitor



There maybe a number of reasons that you want to monitor yours or someone else's PC. With the help of computer monitoring software (otherwise known as keyloggers) you can view all activity undertaken on the target machine, including everything typed and every website visited. Installing computer monitoring software could be the solution in a number of situations; from catching a cheating spouse, to acquiring a password to someone's account on a certain website, to simply keeping an eye on the family PC.

Bypass Facebook Link Detection



So in my last post i showed you how to create phishing page using Super Phisher and how to host it.

Well creating and hosting a phishing page it easy but if you are creating a facebook phishing page than things are not so simple because facebook has blocked all free hosting and url shortening service so even if you host your phishing page,you will not be able to send the link to the victim via facebook.

Create Fake Login Page of any site with Super Phisher Tool Part II



This is the second part of  '' Create Fake Login Page of any site with Super Phisher Tool ''. Many people said that the tool is not working properly and few were saying that they are facing problem in uploading it.So in this post I will make everything clear to all.

To download the tool read my first post on it here:

 Create Fake Login Page of any site with Super Phisher Tool

Now after downloading it,run the tool and enter the URL of the site you want to create phishing.





Here I have made phishing page of facebook.You can create phishing page of any site you like by this tool but if you want to make of facebook than you can better download my file here:




Now you have two files in it.Follow the below steps:

1. Create an account on any free hosting site.Here I used www.my3gb.com

2. Go to the control panel


3.Clik on File Manager

4.Upload the two file that was generated by the tool or downloaded.


5.Give the link of the site you created to the victim.after someone enters the ID and password in the phishing page open the file manager.you will get a new file uploaded there.open that file and you will be able to get the ID and Password.

But this is not the end.There comes a problem,facebook has blocked all free hosting sites.So if you will give your site link to the victim via facebook,it will be detected and you will not be able to get the ID and password.Wait for my next post where i will discuss how to bypass facebook's Link detection.




Facebook servers go down after stock rises

Facebook servers go down after stock rises


Facebook users worldwide were unable to access the popular social-networking website on their computers after it went down for almost two hours early this morning.

Outages were reported by Users from countries such the United States, India and Egypt, as well as readers from Singapore.

Other readers have said that loading the website was very slow.

Even mobile devices were not spared as some users on iOS and Android devices using the mobile app reported being affected by the outage. Other users were able to access Facebook using the app while being unable to access it on their computers.

Facebook chat window being used to spread new virus.


A new virus is reportedly spreading across computers through the chat window of the social networking giant Facebook
The pop-up window, used for person-to-person chat, pops up with a message from a 'friend', which links to an innnocent looking website.
Clicking on the link immediately infects user's PC with the virus, labelled Steckt.Evl by discoverers Trend Micro, The Daily Mail reports.
The virus instantly disables and removes anti-virus software, then spreads itself by opening chat windows on the Facebook friends of the user.

Download your Facebook albums with Photograbber

Facebook the largest social network is a virtual world where people spend more time than real world. We all use it to share our daily experience, photos, videos and everything we think. We can easily create albums and create photos with friends. 
Sometimes we need to download all the photos in our system. Although, Facebook has given an option to download all Facebook data including status and comments. But what if we only want to download photos. There are some nice tools which can help. PhotoGrabber is also a nice tool to download photos from Facebook.

How to get more likes on your Facebook Fan page


Facebook is the social networking hub which can prove to be a very useful medium to promote your blog and get targeted visitors. Facebook Fan page is a must for every business these days no matter if it is online or offline. If used successfully and marketed well you can end up having thousands of likes on your Facebook page. The Facebook Page keeps your readers updated about the happenings on your blog even if they do not visit it quite often. When a user likes any of your posts on Facebook than that makes it visible to their friends which indirectly increases your blogs visibility and reach.


If you have been unsuccessful in getting more likes on your Facebook fan page than some of the tips given in this post by me are sure to help you get some more likes on your Facebook page.

Strong Friends Network: 


This is one of the most crucial and probably most helpful in increasing the number of likes on your Facebook fan page. If you have a strong network of loyal friends on Facebook than you don’t have to do much for getting likes on your page. You can start sharing your page with your network of friends and tell them about your page and how it will help you. All of your friends may not like the page at once but you can share it often on your wall and tell them about your brand or blog. Don’t forget that each like counts because when your friends like your page than in-turn they are sharing it with their friends.