Banner

Monday, October 8, 2012

Facebook virus alert: eventforyous "www .vidolaughs. com"

To remove this Virus go HERE. (opens in a new window)

I think most of my readers (maybe even all THREE of you) are anti-Facebook but for those that have children on FB, here's a little warning. As I have three of my six daughters on FB, we've come across the latest virus. Being the old White Hat that I am, I'll post a little info on it here knowing that Google likes to index the crap out of this blog and it should reach a majority of people Googling for a fix to the problem.

(Sidenote: Google indexed this blog post in 18 minutes. 0_o)

If you've seen a goofy Facebook post that has horrific spelling like this:

"hahahahaha <name of recipient>  i cant believe whaaat u did in thiss videeoooo it's sooo stupid it's all over face bok!!! gooo hereee removee theee spaaaces -----> www .vidolaughs. com "

then you have witnessed the handywork of a hacker. With a simple suggestive hook (ie., look what you did AND it's on video) an unsuspecting user willingly clicks on the link provided. In this case, it is VidoLaughs.com.

Several warning bells should sound in your head when you see this stuff. Misspellings THAT bad are dead giveaways for hackers posting in a non-native language. Simple misspells like VidoLaughs instead of VideoLaughs are suspicious but the rediculous "whaaat" and "videeoooo" are most certainly done on purpose to gloat the unfolding malicious act. Taunting, if you will.

Always watch the URL when accessing an unknown site. If you are clicking a link like the aforementioned VidoLaugh.com but when your page loads and the URL clearly says "eventforyous.com/login.php" then you should not proceed any further.



Picture courtesy of YooSecurity (note the URL)

This is the classic FAKE login page that will steal your information once you attempt to log in.  The only good news, so far, is that the hackers in this case are NOT changing the passwords on the FB accounts once they have access. They are only logging in, spamming the bogus links, and moving on.

If you are affected by this hack, at this point, you can simply log in to FB and change your password.  You would also be wise to run a virus scan on your computer. I recommend Malwarebytes software for a safe and easy solution. I've used them for a few years now and with constant FREE upgrades, I haven't been stumped by a bug yet.

A little geek research for fun:

VidoLaughs.com appear to be located in Portugal, although this is most likely a mirror.

A WhoIs search on VidoLaughs shows a Registrant Protected status but shows the name of the server as ns1.clearfbevent.com. Clear FB Event, as in Clear out Facebook Event? Hmmm. The name VidoLaughs.com was just registered on Oct 2, 2012.

Of course, a quick visit to clearfbevent.com shows nothing. However, a Google search of "clearfbevent" shows 704 entries where the phrase clearfbevent was used in what appears to be a link scam for traffic. "Click here for a free Apple iPad 3" type advertisement.

This attack is mostly (90.6% of visitors) occuring in the United States, says Alexa (click on the "audience" link).

10 CLS
 
20 PRINT "Hello, world!"
 
30 PRINT "OrangeJeepDad blog is awesome"
 
40 REM "Visit us daily"
 
50 CLS
 
60 PRINT "All your base is belong to us"
 
70 END
 
80 LOL

28 comments:

crookedalley said...

Thanks for sharing !! desktop messaging

mo7eb rofail said...

thanks so much, I've received a message typically like what u have wrote.. it was sad instead of stupid hhhh, I just suspected in this message and did a search about vidolaughs.com at google, and I found ur page ( this one ) at the page no.1 as a very advanced sequence . so Congratulation :)

The Orange Jeep Dad said...

@crookedalley Thanks for commenting!

@mo7eb Thanks. Not sure why but Google indexing this blog lightening fast. Glad you found it and thanks for stopping by.

Anonymous said...

if you use WOT u see this site as the only green one. and google did it so that people would know if they searched for it.

Anonymous said...

Hahahahaha I hate myself sooooooooooo much

Anonymous said...
This comment has been removed by a blog administrator.
Rojer Fredrick said...

Thanks for taking the time to discuss this, I feel strongly about it and love learning more on this topic. If possible, as you gain expertise, would you mind updating your blog with more information? It is extremely helpful for me.
iPhone Repair Dallas

Anonymous said...

Thank you so much one of my closest friends posted the same thing on my timeline and i started freaking out but now i understand! Thank you so much! this was really helpful.

Datarescue said...

As I website possessor I believe the written content here is really excellent , thanks for your efforts.


hotmail password recovery

jewelry manufacturer said...

pretty awesome.

Send Birthday Gift said...

A real informative blog like this is an exceptionally cool helping resource for a needy information seeker like me! Thanks a lot...

Free Antivirus Download said...

It is bad news for all those users who used facebook too. free antivirus download

florida acfla said...

All County Air Provides Installation, repair and service of all types and brands of commercial and residential air conditioners in Florida.
AC Repair Florida

Alex Smith said...

Thank you so much! this was really helpful.
AC Service Kenosha

Sam Smith said...

Its really nice blog!
Air Conditioning Service Spring Branch

Johney smith said...

great work did on this post, thanks for it.

regards
Roof Repair Cockeysville MD

Johnson Smiths said...

I believe the written content here is really excellent , thanks for your efforts.
AC Repair Pearland

Airclinicofelliscounty said...

It is extremely helpful for me.
AC Repair Waxahachie

bellaireair said...

It was really helpful :)
Attic Insulation River Oaks

bellaireair said...

Google did it so that people would know if they searched for it.
Ac Repair Friendswood

sunglowinc said...

I feel strongly about it and love learning more on this topic.
Refrigeration Service Portland

Ramesh chauhan said...

Generally I don't learn post on blogs, but I would like to say that this write-up very compelled me to take a look at and do it! Your writing style has been surprised me. Thank you, very great article.Also visit my page

ac repair pearland - Horizon Air Conditioning Company has been in business for years, proudly serving both residential and commercial customers in the Houston area, particularly Missouri City, Sugar Land, Stafford, Pearland, and Rosharon.

Dallas Website Design said...

Thanks for sharing such an interesting information.

Anonymous said...

i have no clue what this is i got a link from my friend saying to go here!

alysdare said...

Thanks for sharing such a nice and awesome information here.I have learned some thing new and different from here .
houston used cars

Johnson Smiths said...

Thank you so much! this was really helpful.
AC Repair Friendswood

akon said...

The blog is unique that’s providing the nice material. Please post more interesting articles here. infographic design

akon said...

Great webpage buddy, I am going to notify this to all my friends and contacts as well. social media infographics

Post a Comment