25:
190:
is hidden behind an icon of two blonde women. After the code is launched, it attempts to download further malicious software hosted on a specific compromised
Israeli domain. The malware is currently not present on the Israeli website. All that remains is a message, seemingly from the intruders, that
273:
It is likely that they are using additional or other websites in continuing spreading their cyberattack(s). Some other popular baits tricking users to click on malicious links include
366:
793:
179:
The biggest risk is that someone's
Facebook contacts may have had their account already compromised (due to sloppy password security, or granting access to a
633:
414:
1245:
485:
786:
164:, which identified and displayed a short description by identifying specific file types. To help users for this specific threat, the
750:
441:
1240:
409:
845:
638:
779:
465:
1225:
828:
704:
168:
service also blocked files with double extensions, such as .jpg.exe, .png.exe, or .bmp.exe. Just like usual malware, the
1265:
1215:
1076:
95:
reported in
November 2011 that this threat mainly spreads itself through malicious links through the social network
1235:
1200:
1144:
1024:
724:
380:
150:
1139:
865:
592:
72:
1260:
1049:
526:
516:
352:
183:) and that the account user has been allured by clicking on a link seemingly posted by one of their friends.
1230:
1169:
602:
169:
988:
860:
653:
480:
43:
1220:
1008:
850:
802:
434:
123:
1210:
1099:
983:
973:
855:
838:
760:
755:
714:
643:
501:
114:, meanwhile stealing their personal online/offline information and/or credentials, commonly known as
1104:
1089:
886:
709:
1164:
1154:
1109:
823:
694:
531:
511:
88:
133:. Despite the misleading extension, MediaFire successfully identified the malicious image as an
1250:
1179:
1119:
1094:
918:
719:
673:
582:
308:
293:
180:
161:
68:
38:
33:
1255:
1205:
993:
810:
734:
699:
427:
119:
103:
1174:
1149:
1131:
998:
935:
891:
729:
668:
142:
415:
Microsoft assists law enforcement to help disrupt
Dorkbot botnets @ technet.microsoft.com
160:
MediaFire had then taken steps to address incorrect and misleading file extensions in an
689:
663:
470:
111:
84:
1194:
1054:
833:
648:
567:
475:
302:
64:
978:
940:
928:
903:
587:
506:
278:
165:
1159:
1084:
1034:
898:
658:
577:
397:
187:
186:
Although the links pretend to point to an image, the truth is that a malicious
1066:
1039:
1003:
617:
597:
562:
173:
154:
130:
115:
1114:
1061:
957:
945:
607:
557:
126:
172:
can update itself once installed on the victim's computer or other related
923:
913:
908:
818:
281:
96:
771:
1044:
1029:
950:
612:
521:
450:
402:
314:
274:
146:
107:
311: – Family of malware worms that spreads through instant messaging
296: – Family of malware worms that spreads through instant messaging
881:
572:
552:
547:
367:"Dorkbot Malware Infects Facebook Users; Spies Browser Activities..."
129:, who detected that the worm was being distributed camouflaged as an
92:
398:
Alert (TA15-337A) @ United States
Computer Emergency Readiness Team
138:
419:
134:
775:
423:
232:
Hacked By ExpLodeMaSTer & By Ufuq
18:
149:, the malware is simply integrated by the attackers from a
335:
298:
Pages displaying short descriptions of redirect targets
83:
In 2011, the Code was first identified by the Danish
1130:
1075:
1017:
966:
874:
809:
743:
682:
626:
540:
494:
458:
106:caught and blocked the worm, which is capable of
347:
345:
153:. Besides stealing usernames and passwords, the
787:
435:
157:may also order additional malware downloads.
137:-file. The malicious Shikara Code poses as a
8:
32:It has been suggested that this article be
794:
780:
772:
442:
428:
420:
353:"Facebook worm poses as two blonde women"
381:"Facebook chat worm continues to spread"
336:"CSIS - Exceptional threat intelligence"
305: – Self-replicating malware program
327:
486:Timeline of computer viruses and worms
7:
14:
751:Computer and network surveillance
410:Technical information @ Microsoft
23:
466:Comparison of computer viruses
122:was originally flagged by the
1:
1246:Social engineering (security)
705:Data loss prevention software
1077:Software release life cycle
1282:
1145:Software protection dongle
1025:Unwanted software bundling
725:Intrusion detection system
317: – Malicious software
151:control and command server
1140:Digital rights management
593:Privacy-invasive software
49:Proposed since June 2024.
1018:Deceptive and/or illicit
141:image, but is indeed an
1241:Password authentication
1170:Software license server
603:Rogue security software
170:Backdoor.IRCBot.Dorkbot
71:, that attacks through
846:Freely redistributable
639:Classic Mac OS viruses
481:List of computer worms
1009:Software as a service
803:Software distribution
124:online backup service
1226:Hacking in the 2010s
1100:Software maintenance
974:Digital distribution
829:Free and open-source
761:Operation: Bot Roast
1266:Cybercrime in India
1216:Exploit-based worms
1105:Software maintainer
887:Commercial software
875:Compensation models
710:Defensive computing
627:By operating system
355:. 29 November 2011.
112:browsing activities
1165:Software copyright
1155:Product activation
1110:Software publisher
824:Floating licensing
695:Antivirus software
541:Malware for profit
512:Man-in-the-browser
459:Infectious malware
383:. 5 December 2011.
87:company CSIS. The
73:social engineering
1236:Instant messaging
1201:2011 in computing
1188:
1187:
1180:Torrent poisoning
1095:Long-term support
919:Pay what you want
769:
768:
720:Internet security
674:HyperCard viruses
583:Keystroke logging
573:Fraudulent dialer
517:Man-in-the-middle
309:Dorkbot (malware)
294:Alert (TA15-337A)
181:rogue application
67:, related to the
56:
55:
51:
39:Dorkbot (malware)
1273:
994:Product bundling
967:Delivery methods
866:Source-available
796:
789:
782:
773:
735:Network security
700:Browser security
444:
437:
430:
421:
385:
384:
377:
371:
370:
363:
357:
356:
349:
340:
339:
332:
299:
104:Bitdefender Labs
47:
27:
26:
19:
1281:
1280:
1276:
1275:
1274:
1272:
1271:
1270:
1261:Windows malware
1191:
1190:
1189:
1184:
1175:Software patent
1150:License manager
1132:Copy protection
1126:
1071:
1013:
999:Retail software
962:
936:Open-core model
892:Retail software
870:
805:
800:
770:
765:
744:Countermeasures
739:
730:Mobile security
678:
669:Palm OS viruses
634:Android malware
622:
536:
532:Zombie computer
490:
454:
448:
394:
389:
388:
379:
378:
374:
365:
364:
360:
351:
350:
343:
334:
333:
329:
324:
297:
290:
233:
143:executable file
81:
52:
28:
24:
17:
12:
11:
5:
1279:
1277:
1269:
1268:
1263:
1258:
1253:
1248:
1243:
1238:
1233:
1231:Identity theft
1228:
1223:
1218:
1213:
1208:
1203:
1193:
1192:
1186:
1185:
1183:
1182:
1177:
1172:
1167:
1162:
1157:
1152:
1147:
1142:
1136:
1134:
1128:
1127:
1125:
1124:
1123:
1122:
1112:
1107:
1102:
1097:
1092:
1087:
1081:
1079:
1073:
1072:
1070:
1069:
1064:
1059:
1058:
1057:
1052:
1047:
1042:
1037:
1027:
1021:
1019:
1015:
1014:
1012:
1011:
1006:
1001:
996:
991:
986:
981:
976:
970:
968:
964:
963:
961:
960:
955:
954:
953:
943:
938:
933:
932:
931:
926:
916:
911:
906:
901:
896:
895:
894:
884:
878:
876:
872:
871:
869:
868:
863:
858:
853:
848:
843:
842:
841:
836:
826:
821:
815:
813:
807:
806:
801:
799:
798:
791:
784:
776:
767:
766:
764:
763:
758:
753:
747:
745:
741:
740:
738:
737:
732:
727:
722:
717:
712:
707:
702:
697:
692:
690:Anti-keylogger
686:
684:
680:
679:
677:
676:
671:
666:
664:Mobile malware
661:
656:
651:
646:
641:
636:
630:
628:
624:
623:
621:
620:
615:
610:
605:
600:
595:
590:
585:
580:
575:
570:
565:
560:
555:
550:
544:
542:
538:
537:
535:
534:
529:
524:
519:
514:
509:
504:
498:
496:
492:
491:
489:
488:
483:
478:
473:
471:Computer virus
468:
462:
460:
456:
455:
449:
447:
446:
439:
432:
424:
418:
417:
412:
407:
393:
392:External links
390:
387:
386:
372:
358:
341:
326:
325:
323:
320:
319:
318:
312:
306:
300:
289:
286:
271:
270:
269:
268:
267:
266:
265:
264:
263:
262:
261:
260:
259:
258:
257:
256:
255:
254:
253:
252:
251:
250:
249:
248:
247:
246:
245:
244:
243:
242:
241:
240:
239:
238:
237:
236:
235:
234:
231:
85:cyber security
80:
77:
69:Dorkbot family
54:
53:
31:
29:
22:
15:
13:
10:
9:
6:
4:
3:
2:
1278:
1267:
1264:
1262:
1259:
1257:
1254:
1252:
1249:
1247:
1244:
1242:
1239:
1237:
1234:
1232:
1229:
1227:
1224:
1222:
1219:
1217:
1214:
1212:
1209:
1207:
1204:
1202:
1199:
1198:
1196:
1181:
1178:
1176:
1173:
1171:
1168:
1166:
1163:
1161:
1158:
1156:
1153:
1151:
1148:
1146:
1143:
1141:
1138:
1137:
1135:
1133:
1129:
1121:
1118:
1117:
1116:
1113:
1111:
1108:
1106:
1103:
1101:
1098:
1096:
1093:
1091:
1088:
1086:
1083:
1082:
1080:
1078:
1074:
1068:
1065:
1063:
1060:
1056:
1053:
1051:
1048:
1046:
1043:
1041:
1038:
1036:
1033:
1032:
1031:
1028:
1026:
1023:
1022:
1020:
1016:
1010:
1007:
1005:
1002:
1000:
997:
995:
992:
990:
989:Pre-installed
987:
985:
982:
980:
977:
975:
972:
971:
969:
965:
959:
956:
952:
949:
948:
947:
944:
942:
939:
937:
934:
930:
927:
925:
922:
921:
920:
917:
915:
912:
910:
907:
905:
902:
900:
897:
893:
890:
889:
888:
885:
883:
880:
879:
877:
873:
867:
864:
862:
861:Public domain
859:
857:
854:
852:
849:
847:
844:
840:
837:
835:
832:
831:
830:
827:
825:
822:
820:
817:
816:
814:
812:
808:
804:
797:
792:
790:
785:
783:
778:
777:
774:
762:
759:
757:
754:
752:
749:
748:
746:
742:
736:
733:
731:
728:
726:
723:
721:
718:
716:
713:
711:
708:
706:
703:
701:
698:
696:
693:
691:
688:
687:
685:
681:
675:
672:
670:
667:
665:
662:
660:
657:
655:
654:MacOS malware
652:
650:
649:Linux malware
647:
645:
642:
640:
637:
635:
632:
631:
629:
625:
619:
616:
614:
611:
609:
606:
604:
601:
599:
596:
594:
591:
589:
586:
584:
581:
579:
576:
574:
571:
569:
568:Form grabbing
566:
564:
561:
559:
556:
554:
551:
549:
546:
545:
543:
539:
533:
530:
528:
525:
523:
520:
518:
515:
513:
510:
508:
505:
503:
500:
499:
497:
493:
487:
484:
482:
479:
477:
476:Computer worm
474:
472:
469:
467:
464:
463:
461:
457:
452:
445:
440:
438:
433:
431:
426:
425:
422:
416:
413:
411:
408:
405:
404:
399:
396:
395:
391:
382:
376:
373:
368:
362:
359:
354:
348:
346:
342:
337:
331:
328:
321:
316:
313:
310:
307:
304:
303:Computer worm
301:
295:
292:
291:
287:
285:
283:
280:
276:
230:
229:
228:
227:
226:
225:
224:
223:
222:
221:
220:
219:
218:
217:
216:
215:
214:
213:
212:
211:
210:
209:
208:
207:
206:
205:
204:
203:
202:
201:
200:
199:
198:
197:
196:
195:
194:
193:
192:
189:
184:
182:
177:
175:
171:
167:
163:
158:
156:
152:
148:
144:
140:
136:
132:
128:
125:
121:
117:
113:
109:
105:
100:
98:
94:
90:
86:
78:
76:
74:
70:
66:
65:computer worm
62:
61:
50:
45:
41:
40:
35:
30:
21:
20:
16:Computer worm
1221:File sharing
1050:Trojan horse
979:File sharing
941:Postcardware
929:Donationware
904:Crowdfunding
851:License-free
527:Trojan horse
507:Clickjacking
401:
375:
369:14 May 2013.
361:
330:
279:Taylor Swift
272:
185:
178:
166:file sharing
159:
101:
82:
60:Code Shikara
59:
58:
57:
48:
37:
1211:Email worms
1160:Product key
1090:End-of-life
1085:Abandonware
1035:Infostealer
984:On-premises
899:Crippleware
856:Proprietary
839:Open source
659:Macro virus
644:iOS malware
618:Web threats
578:Infostealer
495:Concealment
188:screensaver
1195:Categories
1067:Shovelware
1040:Ransomware
1004:Sneakernet
683:Protection
598:Ransomware
563:Fleeceware
322:References
155:bot herder
131:image file
116:cybercrime
110:on users'
1115:Vaporware
1062:Scareware
958:Trialware
946:Shareware
608:Scareware
558:Crimeware
282:sex tapes
127:MediaFire
120:infection
102:In 2013,
91:-company
1251:Spamming
924:Careware
914:Freeware
909:Freemium
819:Beerware
811:Licenses
756:Honeypot
715:Firewall
502:Backdoor
288:See also
145:. As an
97:Facebook
79:Timeline
1256:Spyware
1206:Botnets
1045:Spyware
1030:Malware
951:Nagware
613:Spyware
522:Rootkit
451:Malware
403:US-CERT
315:Malware
275:Rihanna
174:devices
147:IRC bot
44:Discuss
882:Adware
588:Malbot
553:Botnet
548:Adware
453:topics
191:says:
162:update
118:. The
108:spying
93:Sophos
34:merged
139:.jpeg
63:is a
36:into
1120:list
1055:Worm
834:Free
135:.exe
277:or
42:. (
1197::
344:^
284:.
176:.
99:.
89:AV
75:.
795:e
788:t
781:v
443:e
436:t
429:v
406:)
400:(
338:.
46:)
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.