Malicious Facebook 'Farm Town' App Ad Redirects Users to Fake Antivirus Software

An application within Facebook known as FarmTown has been found to have a malicious advertisement that redirects users to fake antivirus software.

Facebook is the most popular social network with over 400 million users and it is the prime target for hackers to conduct malicious actions and even spread fake antivirus applications through malvertising. The latest malvertising scam to hit Facebook is a banner advertisement for greeting cards that is displayed through the Farm Town app in Facebook.

Farm Town, a popular gaming app in Facebook, has over 9 million users. Many users have reported of being redirected to multiple sites that advertise and sell what appears to be antivirus applications. Those applications were later found to be rogue anti-virus programs that are designed to extort money from unsuspecting computer users.

The malicious advertisements in Farm Town, as shown in figure 1. below, were bad Shockwave Flash adverts designed to redirect users from Facebook onto other domains that resulted in a web page being displayed that sells fake antivirus software.

fake farm town facebook app advertisement lead users to malware
Figure 1. – Malicious GreetingCards Flash Advertisement on Farm Town Facebook app.

Many of the malicious sites that users are redirected to initiate from the IP address 64.120.176.42 associated with several rogue domain names such as the following (do not visit):

100-your-scanner.com
11-best-scanner.com
110-your-scanner.com
111-your-scanner.com
211-your-scanner.com
22-best-scanner.com
221-your-scanner.com
5try-best-scanner.com
antivirus-test66.com
antivirus200scanner.com
av-scanner200.com
av-scanner300.com
stop-all-virus1.com
stop-all-virus3.com
stopvirus-scan11.com
stopvirus-scan13.com
stopvirus-scan16.com
try2-your-scanner.com
try4-your-scanner.com
try6-your-scanner.com
try8-your-scanner.com
virus77scanner.com

Since these findings, the makers of Farm Town, SlashKey, has posted a notice on their website that the developers have been notified of this problem and advised users to avoid clicking on links within popup messages that warns you of a computer infection.

As with any type of fake antivirus or rogue anti-spyware application, it is suggested that it be removed with a spyware removal tool. Do you use the Farm Town Facebook app? Have you seen the GreetingCards advertisement (figure 1.) before?

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.