A worm spreading via Facebook infects victims with a variant of the dangerous Zeus Trojan. The attack, which was first found by researchers at CSIS in Denmark, spreads via phony posts from an infected Facebook user's account that pretends to contain photos.
Like previous Facebook scams, it uses stolen account credentials to log in and then spam the victim account's "Friends" with the malicious posts. While a screenshot of the file appears to have a .jpg suffix, it's really a malicious screensaver file, according to Jovi Umawing, a security expert at GFI Software.

"The worm is also found to have anti-VM capabilities, making it useless to execute and test in a virtual environment, such as Oracle VM VirtualBox and VMWare." If you are using any virtual machine then it will infect your current OS.

Facebook has blocked the offending domains spreading the Trojan. "We are constantly monitoring the situation and are in the process of blocking domains as we discover them. We have internal systems in place configured specifically to monitor for variations of the spam and are working with others across the industry to pursue both technical and legal avenues to fight the bug," a Facebook spokesperson says. 

"Facebook is built to easily allow people to share pictures, videos, and other content -- and people trust what they are receiving from their friends," says Mike Geide, senior security researcher at Zscaler ThreatLabZ Malware. "[For example], this recent example can take advantage of the sharing mechanisms and user's trust of their friends within social networking."

More than 6000 Facebook account hacked by a hacker named Cru3l Int3ntion. Couple of months before another hackers group from Nepal named TeamSwaStika has hijacked more than 10 thousand Facebook accounts. Later FB authority denies that attack. 

Among those hacked accounts the users are mainly from France, Spain, England, India and some other countries. In this hacking the hackers has used massive phishing, spamming and bots. In two separate pastebin release the has exposed all the hacked accounts. 

Facebook again under massive attack. This time phishing emails are threatening to delete users’ Facebook accounts unless the victims pass along their account details within 24 hours. The phishing messages are charging Facebook users with violating policy regulations by annoying or insulting other Facebook users. The messages are then requesting personal and financial information including Facebook login details and part of recipients’ credit card numbers. The emails are entirely bogus. They are not coming from Facebook. Social media venues would not request financial information, nor would they request login details. The scams are, in fact, designed to steal credit card numbers and social media accounts, likely in order to further spread scams and bilk victims.

"I do not believe that we need new explicit authorities to conduct offensive operations of any kind," Air Force General Robert Kehler said in the latest sign of quickening U.S. military preparations for possible cyber warfare.

"I do not think there is any issue about authority to conduct operations," he added, referring to the legal framework.

But he said the military was still working its way through cyber warfare rules of engagement that lie beyond "area of hostilities," or battle zones, for which they have been approved.

The Strategic Command is responsible for U.S. operations in space and cyberspace. The U.S. Cyber Command, a sub-command, began operating in May 2010 as military doctrine, legal authorities and rules of engagement were still being worked out for what the military calls the newest potential battle "domain."

The Defense Department, in a report made public Tuesday, ratcheted up its warnings, saying the United States reserves the right to retaliate with military force against a cyber attack and is boosting its ability to pinpoint network intruders.

"When warranted, we will respond to hostile attacks in cyberspace as we would to any other threat to our country," the Pentagon said in a report mandated by Congress.

"We reserve the right to use all necessary means - diplomatic, informational, military and economic - to defend our nation, our allies, our partners and our interests."

PRESIDENT MUST ORDER CYBER OFFENSIVE

Kehler, in Wednesday's teleconference, equated offensive action in cyberspace with operations on the ground, air, sea and space in that any offensive action would be carried out under orders of the president as commander-in-chief.

As recently as October 18, Kehler had told reporters that the military was still looking at "what kinds of options would we want to be able to offer" policymakers for cyber warfare.

Deliberations on military doctrine and legal framework are "ongoing," Kehler said at the time. "I would say it's not completed."

On Wednesday, he said the military was learning daily from its operations in cyberspace.

"I think we all wish we were going faster, but we have made progress, we have a number of rules of engagement in place," he said from Omaha, Nebraska, where Strategic Command was hosting a cyber and space conference.

The Pentagon's advanced research arm said earlier this month that it is stepping up efforts to build a cyber arsenal for "more and better options" to meet computer-driven threats to a growing range of industrial and other systems that are vulnerable to cyber penetration.

The Office of the National Counterintelligence Executive, a U.S. intelligence arm, said in a report to Congress last month that China and Russia are using cyber espionage to steal U.S. trade and technology secrets and that they will remain "aggressive" in these efforts.

It defined cyberspace as including the Internet, telecommunications networks, computer systems and embedded processors and controllers in "critical industries."

The Pentagon, in the report to Congress made public Tuesday, said it was seeking to deter aggression in cyberspace by building stronger defenses and by finding ways to make attackers pay a price.

"Should the 'deny objectives' element of deterrence not prove adequate," the report said, "DoD (Department of Defense) maintains, and is further developing, the ability to respond militarily in cyberspace and in other domains."

"We told you many times ddosing Facebook was a fake operation," reads a message posted on Friday in the group's AnonOps Twitter account.

The threat to "destroy" Facebook on Nov. 5 via a DDOS (distributed denial of service) attack originated with a video posted on YouTube in mid-July.

However, the plan was never announced in Anonymous' Twitter feeds nor on its blog, 

On Aug. 10 the group said on Twitter that it wasn't involved in planning a Facebook attack.

"WE DONT 'KILL' THE MESSENGER. THAT'S NOT OUR STYLE," reads that post on the group's AnonOps Twitter account.

In a statement released on Friday, Anonymous said the initiative against Facebook was led by an individual acting on his own, according to a Cnet report.

This man was warned to stop promoting the attack as an Anonymous action but he pressed on, so as retaliation Anonymous has released his name and contact information, including a phone number, according to the Cnet article.

Follow Shevantha on Twitter at @shevanthaperera

WikiLeaks editor Julian Assange lost a court battle to stay in the United Kingdom Wednesday and will be extradited to Sweden to face questioning over sex charges, a court ruled. Appeals court judges Lord Justice John Thomas and Justice Duncan Ouseley rejected all four of the arguments Assange's defense team used to fight the extradition.
They will hold another hearing later this month to determine whether he can appeal.
"I have not been charged with any crime in any country," he said on the steps of the High Court in London. "Despite this, the European arrest warrant is so restrictive that it prevents UK courts from considering the facts of a case, as judges have made clear here today."
Assange is accused of sexually assaulting two women in Sweden in August 2010. Although he has not been charged with a crime, Swedish prosecutors want to question him in connection with the allegations.
The court comprehensively rejected his defense against being sent there to face prosecution, and was particularly scathing about a dispute with one of the women over whether she had consented to having sex with him.
Swedish authorities allege that the unnamed woman agreed to have sex with him only if he wore a condom, and that he then had unprotected sex with her while she was asleep.
"The allegation is that he had sexual intercourse with her when she was not in a position to consent and so he could not have had any reasonable belief that she did," the court said.
Assange drew cheers from the crowd as he left the court. A "Free Assange" rally was planned for Wednesday outside the Royal Courts of Justice.
Assange, an Australian, decided to fight the case at the High Court after a judge at Belmarsh Magistrates' Court ruled in February that the WikiLeaks head should be extradited.
Assange denies the accusations, saying they are an attempt to smear him, and he says it would be unfair to send him to a country where the language and legal system are alien to him. His attorneys have fought his extradition on procedural and human-rights grounds.
Assange's lawyers have suggested that Sweden would hand him over to the United States if Britain extradites him. The prosecutor representing Sweden has dismissed that claim.
The extradition case is not linked to his work as founder and editor-in-chief of WikiLeaks, which has put him on the wrong side of the U.S. authorities.
His organization, which facilitates the anonymous leaking of secret information, has published some250,000 confidential U.S. diplomatic cables in the past year, causing embarrassment to the government and others.
It has also published hundreds of thousands of classified U.S. documents relating to the conflicts in Iraq and Afghanistan.
But the organization has come under increasing financial pressure in recent months, leading Assange to announce last week that WikiLeaks was temporarily stopping publication to "aggressively fundraise" in order to stay afloat.
A financial blockade by Bank of America, VISA, MasterCard, PayPal and Western Union has destroyed 95% of WikiLeaks' revenue, Assange said.
Many financial institutions stopped doing business with the site after it released the U.S. diplomatic cables late last year, and donations have been stymied.
U.S. authorities have said disclosing the classified information was illegal and caused risks to individuals and national security.

-News Source (CNN, BBC)