English
The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1

Google+ fake invites = malware

Fabio Assolini
Kaspersky Lab Expert
Posted July 07, 20:15  GMT
Tags: Social Networks
0.6
 

These days, invites to the new social network created by Google are a popular subject among users that want to try it.

If a subject is popular it also can be used by cybercriminals as a trick to infect curious users – and Brazilian cybercriminals have already started sending fake invites with malicious links pointing to malware, specifically Trojan bankers.

Today we found one of them targeting Portuguese speakers:

The fake invite has a link pointing to google****.redirectme.net. When accessed it redirects to a very common Brazilian trojan banker, a .cmd file hosted at Dropbox and already detected by our Heuristic engine.

The most interesting thing in that message is another link pointing to a form hosted at Google Docs. The message shows the link as “send the invitation to your friends” but it’s a fake form created to collect names and e-mail addresses of new victims:

We already reported the malicious file to Dropbox team and also the fake webform to Google.

If you are interested in joining Google+, please be patient and not believe in supposed invites received in e-mails.


Comments

If you would like to comment on this article you must first
login


Bookmark and Share
Share

Analysis

Blog