Porn video malware infects 110,000 Facebook users

New Trojan will tag your friends in Facebook porn post on your behalf

Bold Facebook menu

More than a hundred thousand Facebook users have been tricked into downloading a porn-based Trojan attack.

The malware lures users of the social network by offering up a link to a porn video via a friend's account, which has already been infected, according to security researcher Mohammad Faghani.

By clicking the link, users get a preview of a porn video, but it stops midway through, prompting them to download a Flash player to continue watching.

This is a fake player that will download the malware to a user's PC, hijacking control of their keyboard and mouse, warned Faghani in a post on the Full Disclosure mailing list.

The virus then spreads itself by posting the link on the infected user's Facebook profile, tagging their friends.

So far it has infected 110,000 Facebook users' computers in just two days, Faghani added, but has proved more virulent than previous malware that sends private messages to friends.

"This malware keeps its profile low by only tagging less than 20 users in each round of post," he said.

"In this case, the tag may be seen by friends of the victim's friends as well, which leads to a larger number of potential victims. This will speed up the malware propagation."

Facebook released a statement to Threatpost, saying it is aware of the problem and is in the process of tackling it.

"We use a number of automated systems to identify potentially harmful links and stop them from spreading," a Facebook spokesperson told Threatpost.

"In this case, we're aware of these malware varieties, which are typically hosted as browser extensions and distributed using links on social media sites.

"We are blocking links to these scams, offering cleanup options, and pursuing additional measures to ensure that people continue to have a safe experience on Facebook."

Featured Resources

Modern governance: The how-to guide

Equipping organisations with the right tools for business resilience

Free Download

Cloud operational excellence

Everything you need to know about optimising your cloud operations

Watch now

A buyer’s guide to board management software

How the right software can improve your board’s performance

The real world business value of Oracle autonomous data warehouse

Lead with a 417% five-year ROI

Download now

Recommended

Google, Facebook fined €210 million for making it difficult for users to reject cookies
Policy & legislation

Google, Facebook fined €210 million for making it difficult for users to reject cookies

6 Jan 2022
Meta makes 2FA mandatory for high-risk users
two-factor authentication (2FA)

Meta makes 2FA mandatory for high-risk users

3 Dec 2021
Meta delays product-wide end-to-end encryption rollout until 2023
encryption

Meta delays product-wide end-to-end encryption rollout until 2023

22 Nov 2021
Podcast transcript: Can the US take on big tech?
Policy & legislation

Podcast transcript: Can the US take on big tech?

19 Nov 2021

Most Popular

How to move Microsoft's Windows 11 from a hard drive to an SSD
Microsoft Windows

How to move Microsoft's Windows 11 from a hard drive to an SSD

4 Jan 2022
Synology DiskStation DS2422+ review: A cube of great capacity
network attached storage (NAS)

Synology DiskStation DS2422+ review: A cube of great capacity

10 Jan 2022
Microsoft Exchange servers break thanks to 'Y2K22' bug
email delivery

Microsoft Exchange servers break thanks to 'Y2K22' bug

4 Jan 2022