Christmas Tree app virus hoax spreads on Facebook

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Thousands of Facebook users are warning each other about a Christmas Tree virus said to be spreading in the form of a rogue application on the social network.

The only problem with this warning? It’s utterly bogus.

Warning messages about the Christmas Tree app virus

Here’s a typical message being shared widely on Facebook:

Sign up to our free newsletter.
Security news, advice, and tips.

WARNING!!!!!!.....DO NOT USE THE Christmas tree app. on Facebookplease be advised it will crash your computer. Geek squad says its oneof the WORST trojan-viruses there is and it is spreading quickly.Re-post and let your friends know. THANKS PLEASE REPOST!

Users believe they’re doing the right thing when they share warnings like this – but unfortunately they haven’t checked their facts. Although anyone could at any time create a rogue application with the name “Christmas Tree” of course, we’re not aware of any malware which uses this disguise.

Furthermore, since when was Geek Squad a reliable source for information about new malware? Wouldn’t you be more sensible to check with an established anti-virus company? A legitimate warning would at the very least have included some links to further information – such as a statement on Geek Squad’s website.

Ironically, the hoax is probably spreading much faster than any of the genuine commonly encountered Facebook viruses at the moment.

Please don’t share virus warnings with your online friends until you have checked them with a credible source (such as an established computer security company). Malware can be killed off fairly easily, but misinformation like this can live on for months, if not years, because people believe they are “doing the right thing” by sharing the warning with their friends.

If you’re a regular user of Facebook, be sure to join the Sophos page on Facebook to be kept informed of the latest security threats.

PS. Those of you very long in beard may recall that in the late 1980s there was a real virus called “Christmas Tree” (also known as “CHRISTMA EXEC”). It displayed a crude picture of a Christmas Tree using the ASCII character set, and infected computers on IBM’s internal network and other systems.

However, as this was way back in 1987 I’m pretty confident that this hasn’t inspired the latest scare on Facebook!


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.