The
new pretend-porn trojan was fast enough: it has infected over 110,000
Facebook users in a couple days. It works as follows: one of user’s
Facebook friends shares a porn video and it appears in the user’s news
feed. After it is clicked, it asks the user to install an update for the
Flash software, instead installing malware.
The malware tags the infected user’s
friends in a post containing porn video clip. The clip itself can’t be
played, as it asks to download a (fake) flash player to run. Of course,
instead it downloads the actual malware. Security experts revealed they
have been monitoring the new malware for the last 2 days where it
managed to infect over 110,00 users and remains on the rise.
Once the trojan infects someone’s account, it re-shares the video adding
up to 20 tags of their friends. This helps it spread faster than
previous malware, which was distributing itself through private
messaging on Facebook. The experts dubbed the new malware “Magnet” and
explained it was able to hijack victims’ keyboard and mouse movements.
Of course, this is not the first time porn videos have been used in
Facebook-targeted malware scams. For example, last summer, there was a
scam designed to look like a YouTube video of someone stripping in front
of their webcam.
In response, Facebook said they were aware of the latest malware, and
were doing what they could to stop it spreading further across the
network. Facebook used several automated systems in order to identify
potentially harmful links and stop them from spreading. The company also
explained that these malware varieties are normally hosted as browser
extensions and distributed via links on social networks. Facebook blocks
links to the scams, offers cleanup options and extra measures to make
sure its users are safe.