Porn video malware infects 110,000 Facebook users

New Trojan will tag your friends in Facebook porn post on your behalf

Bold Facebook menu

More than a hundred thousand Facebook users have been tricked into downloading a porn-based Trojan attack.

The malware lures users of the social network by offering up a link to a porn video via a friend's account, which has already been infected, according to security researcher Mohammad Faghani.

By clicking the link, users get a preview of a porn video, but it stops midway through, prompting them to download a Flash player to continue watching.

This is a fake player that will download the malware to a user's PC, hijacking control of their keyboard and mouse, warned Faghani in a post on the Full Disclosure mailing list.

The virus then spreads itself by posting the link on the infected user's Facebook profile, tagging their friends.

So far it has infected 110,000 Facebook users' computers in just two days, Faghani added, but has proved more virulent than previous malware that sends private messages to friends.

"This malware keeps its profile low by only tagging less than 20 users in each round of post," he said.

"In this case, the tag may be seen by friends of the victim's friends as well, which leads to a larger number of potential victims. This will speed up the malware propagation."

Facebook released a statement to Threatpost, saying it is aware of the problem and is in the process of tackling it.

"We use a number of automated systems to identify potentially harmful links and stop them from spreading," a Facebook spokesperson told Threatpost.

"In this case, we're aware of these malware varieties, which are typically hosted as browser extensions and distributed using links on social media sites.

"We are blocking links to these scams, offering cleanup options, and pursuing additional measures to ensure that people continue to have a safe experience on Facebook."

Featured Resources

How to scale your organisation in the cloud

How to overcome common scaling challenges and choose the right scalable cloud service

Download now

The people factor: A critical ingredient for intelligent communications

How to improve communication within your business

Download now

Future of video conferencing

Optimising video conferencing features to achieve business goals

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Recommended

What is the Computer Misuse Act?
Policy & legislation

What is the Computer Misuse Act?

2 Mar 2021
What is cloud-to-cloud backup?
cloud backup

What is cloud-to-cloud backup?

1 Mar 2021
Lazarus APT hacking group is targeting the defense industry
Security

Lazarus APT hacking group is targeting the defense industry

26 Feb 2021
Microsoft open sources CodeQL queries used in Solorigate inquiry
Security

Microsoft open sources CodeQL queries used in Solorigate inquiry

26 Feb 2021

Most Popular

How to connect one, two or more monitors to your laptop
Laptops

How to connect one, two or more monitors to your laptop

25 Feb 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

26 Feb 2021
Ransomware operators are exploiting VMware ESXi flaws
ransomware

Ransomware operators are exploiting VMware ESXi flaws

1 Mar 2021