NEWS FROM THE LAB - Thursday, June 17, 2010

All Your Farm Are Belong To Us Posted by Sean @ 16:02 GMT

Zynga's FarmVille is a popular social networking game and perhaps it should come as little surprise that many players want to learn FarmVille secrets and cheats. And so they turn to search engines to find them.

Currently, "farmville cheats" is a highly ranked suggestion:

FarmVille suggestions

Sad but true.

Anyway, we searched for farmville cheats and readily discovered farmville-secrets.spruz.com:

FarmVille secrets cheats

Spruz.com has removed the page for violating their terms of use policy, so it's no longer hosted, but beware of Google's cache.

Here's what the site looked like:

Click Here

The "Click Here" button opens a download dialog for a file called FarmVille_autobot.exe.

An autobot sounds like a convenient way to cheat, right? Only in this case the cheater will get more than they asked for because the file includes a variant of TDSS, an advanced backdoor rootkit. Best kept secrets indeed!

The MD5 of the file we analyzed (thanks JoJo) is 9c7812efa218ab3750e570a93015e884 and is detected as Trojan:W32/TDSS.FZ.