Giraffe virus hoax spreads on Facebook, as users fail to see the joke

Graham Cluley

The latest virus hoax to spread across Facebook was probably started as a silly joke, but it’s not funny how many people are believing it to be true – and sharing it with their online friends.

Here’s an example of the typical warning that is currently being distributed by Facebook users, unwittingly perpetuating what is in reality a hoax:

A virus that exploits the recently discovered JPEG vulnerability has been discovered spreading over google’s giraffe pictures.

“It’s been done in the past, but with HTML code instead of the JPEG,” said James Thompson, chief technical officer for SANS’ Internet Storm Center, the organization’s online-security research unit. “It is a virus, but it didn’t spread very far. We’ve only had two reports of it.”

The Facebook message goes like this: “I just changed my profile picture to a giraffe, but my answer was wrong” When you do it, Facebook automatically gives the hackers your user mail and password, malicious code embedded in the JPEG image gives the hackers everything they need, James said.

The code also installs a back door that can give hackers remote control over the infected computer. Antivirus expert Fred Hypponen of F-Secure warned on Wednesday that the JPEG exploit can also damage your Iphone if you charge it with your computer. By default, antivirus software only scans for .exe files. And even if users change the settings on antivirus software, the JPEG file name extensions can be manipulated to avoid detection.

Microsoft and google are working on it now, oct 25. We recommend Facebook users: DO NOT change your profile picture to giraffes.

The message itself is nonsense, of course. For instance, it quotes Fred Hypponen (who presumably is the brother of F-Secure’s real CTO, Mikko Hypponen).

Similarly, the real CTO of the SANS Internet Storm Center is Johannes Ullrich, not James Thompson.


Furthermore, it’s not true to say that anti-virus software only scans .EXE files.

According to Hoax Slayer, the hoax appears to have sprung up on the back of a popular (and harmless) game where Facebook users change their profile picture to that of a giraffe if they get a question wrong.

Although hoaxes like this can appear harmless, the truth is that they can spread confusion to those who are not technical, or not in on the joke, and generally worsen the signal:noise ratio on social networks. In my experience, it’s best not to share virus warnings unless you have personally verified the details on a legitimate computer security website.

If you are on Facebook, and want to be kept updated with news about security and privacy risks, and tips on how to protect yourself online, join the Graham Cluley Security News Facebook page.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast.
