Facebook Users Attacked by Trojan Virus
November 7th, 2008 | Published in Facebook, Internet Viruses, Using Social Media | 25 Comments
Facebook and its users are having a rough day. A serious Facebook virus is attacking the network’s users.
For the laymen:
If you receive a Facebook message (or a Facebook message alert in your email) with a questionable subject line, DO NOT CLICK THE LINK IN THE BODY!
All of the information in this post was garnered from an awesome article from news.com.au by Narelle Towie.
Questionable subject titles vary from “Maan,yyou’re great!” to “your ass looks not bad in this video”, “Some0ne thinks your special and has a *Hot_Crush* on you. Find out who it could be*” or a youtube link that says ‘”i can see yooooooooo”. These links disguise a trojan worm and should not be clicked.
This trojan comes just months after Facebook said it was working to protect its user from phishing scams.
For the tech geeks, here is a more detailed explanation of the virus from Towie’s article:
FACEBOOK users are under attack from a virus sweeping through the online social network.
The virus is technically a trojan worm that disguises itself as an email from facebookmail.com.
People are enticed to click on a misspelled video or picture link that directs to a malicious web site.
The worm spreads its tentacles by emailing everyone on the victim’s friend list.
According to anti-virus software company Symantec, the trojan works by executing a worm called W32.Koobface.A that searches for cookies on the user’s machine.
If the worm finds the appropriate Facebook cookie, it modifies the users account settings and profile - adding links to malicious sites to trick others into installing the invader.
Facebook discussion boards talk about the trojan directing users to a page which looks like YouTube.
The phony page asks the user to install a video player upgrade.
Installing the fake upgrade allows the worm to work its magic and access files on the victim’s machine while destroying their Facebook account.
Facebook has begun combating the virus by deactivating link when it can.
Facebook has not released an official comment regarding the attack.
**Thank you Flickr user pshab for the awesome Facebook photo.
Is your company just jumping into the Facebook and Social Media world? Schipul can help!
Check out our Social Media page and be sure to attend our upcoming Blogging seminar!
November 7th, 2008at 3:22 pm(#)
Great article. I am glad this post is back up as I tried to come to it earlier and it was down.
November 8th, 2008at 6:31 am(#)
This is occurring on other social networking sites as well at the moment. Bebo has been hit by it too.
November 8th, 2008at 7:20 am(#)
Boy isnt that annoying. I neverhad that problem with MySpace???
Jiff
http://www.anolite.echoz.com
November 8th, 2008at 7:23 am(#)
Should mention this is a Windows-only issue (as usual with viruses)
November 8th, 2008at 7:51 am(#)
A serious Facebook virus is attacking the network’s users.
Here we go!!
November 8th, 2008at 10:21 am(#)
Look similar to normal email / video threat. What is special
November 8th, 2008at 11:32 am(#)
Goes back to the old adage, never click on a link contained in an e-mail from a stranger, these viruses work on stupid people, the wrong spelling is a clear tell tale sign, having said that I hope I am not attacked.
November 8th, 2008at 11:36 am(#)
[...] installing an .exe file from an unknown source is Internet Security 101. And yet, there’s word of a nuance that could catch fairly smart web users unaware: the trojan may also attempt to change the [...]
November 8th, 2008at 12:30 pm(#)
[...] installing an .exe file from an unknown source is Internet Security 101. And yet, there’s word of a nuance that could catch fairly smart web users unaware: the trojan may also attempt to change the [...]
November 8th, 2008at 12:41 pm(#)
Great post.
I have often wondered what the effects of a serious trojan would be on a social networking site like Facebook. Will Facebook lose users? Will people become more reluctant to use new Facebook applications?
Unfortunately for social media users, I believe many people feel that networks like Facebook act as an Internet safety blanket that protects them from trojans and the like.
However, the trusting nature of (less technically knowledgeable) social media users makes these networks the perfect target for those trying to prey on the vulnerabilities of the Internet.
I hope Facebook gets this resolved, but this is a good wakeup call to those who so freely use social media sites.
November 8th, 2008at 12:44 pm(#)
Working through a virus must be a drag, but this article
makes this virus sound entertaining. Its creative and interesting.
thanks from tony
November 10th, 2008at 11:15 am(#)
It goes without saying that you ought to be careful what you click - especially so in an email!
November 11th, 2008at 8:18 pm(#)
La, la, la… MacBook Pro. La, la, la. What’s this .exe file that automatically downloaded? Hmmm… Send to trash. La, la, la… I love facebook. La, la, la.
November 12th, 2008at 12:44 am(#)
Well it was bound to happen MySpace has been being hacked forever. I really wish that a virus could be mirrored to infect the infecties system two fold and maybe, just maybe eventually that technology would deter hacking. Unless these people doing this are hired by programming companies to increase sales of there products and /or services and in that case that is just a sorry way to do business.( the old wise tale of the mechanic breaking or tampering with something on your vehicle only to be able to charge you more for their services to fix)
December 1st, 2008at 5:44 pm(#)
[...] Did some research on the net and found this interesting article about facebook viruses. http://blog.schipul.com/facebook-users-attacked-by-trojan-virus/ [...]
December 1st, 2008at 5:47 pm(#)
Thanks for the info.
This is my experience in the last few days.
http://journeymanphil.wordpress.com/2008/12/02/facebook-problems-help/
Anyone any ideas?
Phil
December 3rd, 2008at 2:23 am(#)
[...] no instalar un archivo .exe de origen desconocido es el Internet Security 101. Y sin embargo, se dice que hay una variante que podría tomar desprevenidos a los usuarios web más inteligentes: el troyano también puede [...]
December 4th, 2008at 2:09 pm(#)
I received the link from a friend - not a stranger - and there were no misspellings. No clues that this was a hoax at all. Still getting Trojan alerts from WinDefender. For the self-righteous and indignant trolls out there, I hope you also get duped and that your machine and facebook account are jacked.
December 5th, 2008at 10:04 am(#)
Great article, I thought I would bring up the other point that some people don’t think of immediately when they are talking about getting hit by a virus. How do you remove that pesky thing once they are infected effectively. I did a post about it here:
Facebook Trojan Virus… Not a problem if you have a Windows Home Server. http://blogs.technet.com/homeserver/archive/2008/12/04/facebook-trojan-virus-not-a-problem-if-you-have-a-windows-home-server.aspx
Keep up the great work!
Kevin Beares
Community Lead
Windows Server Solutions Group (includes Home Server)
December 5th, 2008at 8:24 pm(#)
It would really be great if there was some way in the settings of Facebook to control/sanitize links to outside sites that are in a message from a friend or stranger.
But then again, I’m on linux so I ain’t sweating this. Or much of any other malware.
December 5th, 2008at 10:15 pm(#)
I love when a person who uses a Mac talks about how nothing affects a Mac. While the PC has it’s holes, and Mac is more secure because it’s built on Unix, that doesn’t matter.
If the Mac community had the same user-base numbers as PC, it would be just as targeted. Period.
And if you click on a link that has a ridiculous subject line like that, and install weird applications on your computer… it’s the tech-version of natural selection. Oy.
December 7th, 2008at 10:22 pm(#)
Stupidity = infected
same old scam click on a link (not facebooks issue same old trick with a new skin) bang you are infected
you are not infected via face book
December 10th, 2008at 4:34 pm(#)
So how the hell does one get rid of it???
December 12th, 2008at 2:15 am(#)
good article,make us to be more carefull while playing facebook.thanks
December 31st, 2008at 1:45 am(#)
As a user of facebook, this is my first time hearing trojan inside the facebook. Thanks for this info.