How does Kilim Facebook Worm work?
Trojan.Agent.ED is a generic detection for the components of various different computer infections. Some of them can be relatively harmless, but others can be extremely malicious and dangerous. If you have performed a system scan, and the title of Trojan.Agent.ED has come up, it is possible that your operating system has been affected by what is popularly known as the Facebook Worm or Kilim Facebook Worm. This is a tremendously clandestine and intricate infection that has been created to affect the operating systems of many users. Unfortunately, once this malicious threat sets its foot in, it does not stop with one operating system.
Like thousands of computer infections before its emergence, Facebook Worm uses a well-constructed social engineering scam to trick computer users. The infection is executed with a help of an executable file that is presented to Facebook users as a video showcasing pornographic content. Even though there might be a bunch of different versions of the fictitious video file supposedly offering access to porn, the one that users usually encounter is Videos_New.mp4_2942281629029.exe. If you click the video to watch it, you will execute an infection that will set off the attack of the malicious Facebook Worm.
Once executed, the infection silently redirects to a link that is shortened using the ow.ly service. This link, consequently, redirects to a page that appears to belong to the Amazon Web Services. Then the redirecting continues to a malicious website – videomasars.healthcare – that routes the users of desktop devices to a corrupted link on Box.com and the users of mobile devices to corrupted ads. This is when the malicious file identified as Trojan.Agent.ED is installed. Whether the file is executed automatically or by you, the malicious Facebook Worm is activated. Simultaneously, the infection turns your operating system into a bot and, using your Facebook account, sends the link to the fake video to people in your network (e.g., Facebook friends).
Facebook users are much more likely to interact with the links presented by the people they know, which is exactly why the developers of Kilim Facebook Worm have created this scam the way it is. Needless to say, cyber crooks have not created this infection without a reason. The malicious files (Trojan.Agent.ED) silently dropped onto your PC are supposed to download Kilim Facebook Worm components, install a malicious Chrome extension, and communicate with remote servers (e.g., porschealacam.com). Luckily, the devious Facebook Worm is not perfect. Once the dangerous Chrome extension is installed, users must notice that the shortcut of the browser is illegally modified to initiate redirecting to Facebook pages. On top of that, most users discover access to the Extensions menu (chrome://extensions/) to be denied.
Unfortunately, the creators of Kilim Facebook Worm can gain privileges over your operating system, and manipulate it any way wanted. Due to this, it is difficult to predict what kind of outcome you might face if you don’t stop the scam of the devious Kilim Facebook Worm. Needless to say, this infection deserves immediate removal, and we advise using automatic malware detection and removal software. If you do not want to find yourself in a predicament similar to this one in the future, you have to be careful about the links you click on and how you browse the web in general. It is most important that you employ security software that could protect you regardless of how you surf the web, which sites you visit, or what kind of videos you watch.