1) Someone from your Facebook Friends list will post “Wanna laugh?? Watch my video here http://220.127.116.11/100000?xxxxxxxx” (xxxx is random numbers) or message would be like this “Hello How are you? (Your friend) is in leading role in this video check it out http://18.104.22.168/100000?134068738.”
a) If victim will reply this message then victim will get some random messages in reply from the virus infected friends Facebook account.
2) Victim will click on the link.
3) Web page will open which will look same like known and leading video broadcasting site YouTube’s video page where the title of video will be something like this “YOUR FACEBOOK FRIEND’S NAME – is in leading role in this video” but victim will not be able to watch the video.
4) He/she will be promoted to download the Adobe Flash player plug-in.
5) Victim will download the Flash player from the link given in same page so that flash player is NOT Original Flash Player plug-in, actually it is a backdoor developed to get access of your C drive where everything belongs for your PC like your saved passwords on your browsers and mainly in this case the HOSTS file in your “c:WindowsSystem32driversetc”…