Porn video malware infects 110,000 Facebook users

Bold Facebook menu
News
2 Feb, 2015

New Trojan will tag your friends in Facebook porn post on your behalf

More than a hundred thousand Facebook users have been tricked into downloading a porn-based Trojan attack.

The malware lures users of the social network by offering up a link to a porn video via a friend’s account, which has already been infected, according to security researcher Mohammad Faghani.

By clicking the link, users get a preview of a porn video, but it stops midway through, prompting them to download a Flash player to continue watching.

This is a fake player that will download the malware to a user's PC, hijacking control of their keyboard and mouse, warned Faghani in a post on the Full Disclosure mailing list.

The virus then spreads itself by posting the link on the infected user's Facebook profile, tagging their friends.

So far it has infected 110,000 Facebook users’ computers in just two days, Faghani added, but has proved more virulent than previous malware that sends private messages to friends.

“This malware keeps its profile low by only tagging less than 20 users in each round of post,” he said.

“In this case, the tag may be seen by friends of the victim's friends as well, which leads to a larger number of potential victims. This will speed up the malware propagation.”

Facebook released a statement to Threatpost, saying it is aware of the problem and is in the process of tackling it.

“We use a number of automated systems to identify potentially harmful links and stop them from spreading,” a Facebook spokesperson told Threatpost.

“In this case, we’re aware of these malware varieties, which are typically hosted as browser extensions and distributed using links on social media sites.

“We are blocking links to these scams, offering cleanup options, and pursuing additional measures to ensure that people continue to have a safe experience on Facebook.”