Beware of fake holiday advertisements and malicious plug-ins

Dec 27, 2011 13:59 GMT  ·  By

Advertisements for a cool Facebook Christmas theme turn out to be a malicious plot set up by hackers to infect as many computers as they can.

Even though Christmas passed, some people want to remain in the holiday spirit for a little longer and cybercrooks are relying on this.

Trend Micro experts warn that a fake “Christmas Theme For Free!! Limited Time” offer started popping up on Facebook walls, leading unsuspecting social network members to a Trojan that takes over the web browsers on the plagued machine.

After the link from the posts is clicked, the unsuspecting user is taken to a page that requires him to install a browser plug-in for the theme to work.

The plug-in called Free Cheesecake Factory Coupons floods the affected user’s wall with a status that continually advertises the scheme.

“Get Christmas Theme for FB on – – >>0< < – – free Christmas Theme for all FB users!!. Just Install this amazing new fb Christmas new look and change your profile looks show it to your friends…… [Name of tagged friends],” reads the malicious status message.

Identified as TROJ_REDIR.CU, the Trojan that hides behind the browser extension is not destructive, its main purpose being to redirect victims to certain sites.

Individuals who have already fallen for the scam are advised to check their browser’s extensions page and remove the Free Cheesecake Factory Coupons plug-in or any other suspicious looking element.

Also, since the piece of malware may redirect to other nasty locations which seamlessly serve other malicious files, those who’ve encountered this Facebook theme are recommended to run a full system scan with an updated antivirus solution to make sure nothing remains hidden on the infected computer.

During the holiday season, the number of similar plots is expected to rise and that’s why you should be on the lookout for anything out of the ordinary, especially if something pricy or cool is advertised.