Naughty Camera Prank virus hits Facebook users

Reports are coming in that a new attack is spreading virally across Facebook disguised as a video – the third Saturday in a row that the social network has been assaulted in this fashion.

Naughty Camera Prank! [HQ]

The attacks come in the form of a message, sent by a rogue Facebook application (using names such as HD Media, Xziox FLV) saying:

<name> this is without a doubt the most hilarious video ever. LOL!
Naughty Camera Prank! [HQ]
Length: 3:17

Sign up to our free newsletter.
Security news, advice, and tips.

Facebook users are urged not to click on the videos, as it could lead to you installing adware detected by Sophos as FLVDirect Installer, and forwarding the attack to your other Facebook friends.

Some users have reported being taken to a fake Facebook login page, which attempts to steal their usernames and passwords. Others have also reported being sent the link via Facebook’s instant messaging chat feature.

The attack follows one week after the “Distracting Beach Babes” video attack, which itself came seven days after Facebook was hit by another attack dubbed the “Sexiest Video Ever”.

In those examples, users who clicked on the video thumbnails were instead taken to an application that told them that if they wished to view the video they had to install an updated player onto their PC. The software downloaded by the users was, in reality, revenue-generating adware. Furthermore, when users gave permission to the Facebook application to execute, it spread the message virally to all of their Facebook friends.

Hopefully, before too much harm is done, Facebook’s security team will be hard at work shutting down the rogue applications sending these messages as soon as they pop up.

If you made the mistake of clicking on the video link please play safe by: warning your friends who you may have passed the message onto, scanning your computer with an up-to-date anti-virus, changing your Facebook password, checking your application settings and removing any apps you don’t recognise.

If you’re regular user of Facebook, you should join the Sophos page on Facebook to keep up-to-date on security issues.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.