Last week Naked Security warned of a Facebook worm that was spreading on the social network, tricking users into believing that they were clicking on a link to an image.
The bad news is that the attack appears to still appears to be spreading via Facebook’s chat system, exploiting compromised users’ accounts.
An analysis by SophosLabs has identified that malware designed to install the Dorkbot worm onto users’ computers is being spread via Facebook chat. And, for now at least, Facebook’s built-in security systems are not preventing it.
It wasn’t the Facebook friend you are chatting with who sent that message, it was the Dorkbot malware instead. The link may appear – on casual observation – to point to Facebook.com, but in reality it goes to a third-party website.
Although an unsuspecting user may believe that they are clicking…
Read more in my article on the Naked Security website.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.