
At least one trojan using Facebook as a command channel


Malware authors are always looking for new ways to control computers that are infected with a Trojan. The reason is simple: once a control channel is discovered, security folks are typically quick to shut it down before more damage is done. According to a researcher from Symantec, at least one Trojan has opted to go the route of cloud computing by tapping into Facebook.

Andrea Lelli, a security analyst with Symantec Security Response, wrote that this new malware works by first logging into the mobile version of Facebook. It then checks the notes section of the site for its "orders." Depending on what is found there, up to four different reactions will be triggered, including contacting a third-party server for additional commands.

Lelli took pains to stress that no exploits or flaws of any kind in Facebook are involved. The malware merely logs in to a Facebook account in order to use it as a central node to receive further orders.

Ultimately, Lelli concedes that the Trojan seems to represent a targeted attack. Personally, I reckon this technique of using a specific Facebook account is probably a fast way for its creator to quickly shut everything down by deleting the account.

For more on this story:
- check out this article at Symantec Connect
- check out this article at CNET News
