Security Affairs
Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Malicious Facebook UnfriendAlert app used to steal FB credentials

Fraudsters are spreading a Facebook UnfriendAlert app that notifies users whenever someone removes them from friend list, in reality it collects credentials Curiosity Killed the Cat, everybody wants to know who is visiting his profile on every social media platform. The new scam scheme is targeting Facebook users that want to control who visit their […]

Malicious Facebook UnfriendAlert app used to steal FB credentials

Fraudsters are spreading a Facebook UnfriendAlert app that notifies users whenever someone removes them from friend list, in reality it collects credentials

Curiosity Killed the Cat, everybody wants to know who is visiting his profile on every social media platform. The new scam scheme is targeting Facebook users that want to control who visit their profile, who unfriended them from the Friend list, who spent his time reading their posts and much more.

Clever users are accustomed to look for plugins and apps that allow them to add new functions to their new Facebook account, and the crooks know it!

Many scams in the past have exploited bogus applications that promise to implement new functionalities, this time we will discuss a new free application that notifies users whenever someone removes them from the Facebook friend list. According to the researchers at Malwarebytes, scammers are spreading the UnfriendAlert application with the main purpose to steal users’ Facebook credentials.

The fraud scheme is quite simple, in order to activate the supplemental features, Facebook users have to activate unfriends monitoring and alert service by providing their Facebook credentials.

“The installer claims that the app will notify you when you get unfriended by someone on Facebook. After installing, sit back” did not work for me. I ran the program under Windows 7 and had to check manually if I had been unfriended. But if you provide your login credentials, which seems a bad idea in the first place, the program is able to see whether one of your Facebook friends decided they had enough of you.” wrote Malwarebytes experts.

Facebook unfriendAlert app

Once the victim submits his login credentials the Facebook UnfriendAlert app will send them to the website “yougotunfriended.com” managed by the crooks, the researchers discovered it by analyzing the traffic with Wireshark.

“Looking at a Wireshark log for this check however shows that the login credentials are not sent directly to Facebook but to “yougotunfriended.com””
Facebook  unfriendAlert Facebook app wireshark

Late last month, the Facebook UnfriendAlert app was also classified as a potentially unwanted program (PUP), a category of malicious application used by fraudsters to display unwanted advertisements when victims visit some web pages.

If you have installed the Facebook UnfriendAlert app uninstall it as soon as possible, and of course, Change your Password immediately.

Below the instructions provided by MalwareBytes to uninstall the Facebook UnfriendAlert App from your computer:

  • Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • At the end, be sure a check-mark is placed next to the following:
    • Enable free trial of Malwarebytes Anti-Malware Premium
    • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete , make sure that everything is set to “Quarantine”, and click Apply Actions.
  • Reboot your computer if prompted.

Pierluigi Paganini

(Security Affairs – Facebook UnfriendAlert , Scam)