LFI to RCE via access_log injection

Facebook 'Watch naked video of friends' malware scam infects 2 million people

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1QoZrHyotsg3hefmgTAdQ7Ykp9gFxAIMt_vkgKqH1ug87Bze1SgdTNIXmKqj4hT_ghOg92fdI9So3oa7QE0KmJD0UsQ4pAo1UyoMPNjXQHJnvvTYgvLXlkbfMuw136B7wbqLNXW8tTCc/s728/Facebook-Watch-naked-video-of-friends.jpg

We have seen a lot of Facebook malware and virus infections spreading through friends list, and this time a new clickjacking scam campaign is going viral on Facebook.
Hackers spam Facebook timeline with a friend's picture and "See (Friend)'s naked video," or "(Friend Name's) Private Video."

The Picture appears to be uploaded by a friend and definitely, you might want to see some of your Facebook friends naked, But Beware! If you get curious and click, you will be redirected to a malicious website reports that your Flash Player is not working properly and needs to be re-installed.
But in actuality it will install a malware in your system and once approved, several disguised thing can happen to you. It further installs a malicious browser extension to spread the scam and steal users’ photos.
Facebook 'Watch naked video of friends' malware scam infects 2 million people
"When the link is clicked, users are sent to a very realistic-looking mockup of a YouTube page, where the hackers will try to immediately install the Malware Trojan.wltx reports.
So, Don't Click it! According to the report, 2 million Facebook users are already infected with the same malware campaign and unknowingly flood their friend's timeline will same campaign. Clicking on the message will automatically publish the same link on the victims Facebook wall potentially allowing friends to click on it.
Malware often takes advantage of the fact that you trust your friends. So, keep an eye on the links and messages from your friends, and if in doubt, ask them they actually sent you something or not.
The recent malware attacks are just a few examples of the dangers of using the social network Facebook. Stay safe by keeping your browser up-to-date and install operating system updates when they are released. Please ensure you share this news with your Facebook friends to make all of them aware of it.

Comments