Sophos: Malware Alert on Farm Town

April 13th, 2010 by | 1 Comment

Image from Sophos D/A/CH Presseinfo

IT security and data protection firm Sophos, through its Senior Technology Consultant Graham Cluley, is warning players of the popular Facebook and MySpace game Farm Town to be on their guard for malicious advertisements. According to Cluley’s announcement posted on the Sophos blog, the recent malware activities on the social network game aim to fool unsuspecting players into installing malicious codes or unwittingly disclosing their credit card details by displaying fake security warnings.

These malicious advertisements, or malvertisements, appear to “alert” users that their computer is infected and even offer to conduct a virus scan. These have been the vector for other infections in the past, preying on unwary users as Cluley cited with instances on Web sites like New York Times and Gizmodo occurring late last year.

The advertising space positioned below Farm Town’s game window provided for third-party ads seems to be one of the malvertisement’s latest haunting grounds.

“In all likelihood, hackers have managed to poison some of the adverts that are being served to Farm Town by the outside advert provider.” Cluley explained. “What makes this attack all the more serious, of course, is the sheer number of people that regularly play Farm Town, and that — in all likelihood — they might not be as tech-savvy as the typical Gizmodo reader, and thus more vulnerable to falling for the hackers’ scam.”

The company behind Farm Town, Slashkey, has also issued a warning on their forum regarding the matter, stating that they are indeed aware of the malicious activities and have already alerted their developers. They added that if any these activities are associated with any of their developer’s ads, those would be pulled from the advertising space as soon as possible.

They also seriously advised anyone who encounters these ads not to click on them and instead close the browser window and run a full system scan to make sure stray parts of the malware are caught and quarantined even before they wreck havoc.

“If you do research on many of these spyware programs you will also find a myriad of sites proclaiming they are the only ones who can rid you of these programs.” the Slashkey post said, further explaining that these so-called cures are “as much of a scam as the malware you are trying to remove.”

Cluley, on the other hand, advised users to simply stop playing the game until Slashkey completely resolves the issue and to arm their computers with up-to-date security software.

“If you do feel you have to play Farm Town then it might be wise to disable adverts in your browser (for instance, using an add-on such as Adblock Plus on Firefox).”

Tags: , , , , , , , , , ,


Contact us for Free Analysis