Reports are coming in that a new attack is spreading virally across Facebook disguised as a video – the third Saturday in a row that the social network has been assaulted in this fashion.
The attacks come in the form of a message, sent by a rogue Facebook application (using names such as HD Media and Xziox FLV), saying:
<name> this is without a doubt the most hilarious video ever. LOL!
Naughty Camera Prank! [HQ]
Facebook users are urged not to click on the videos, as doing so could lead to you installing adware detected by Sophos as FLVDirect Installer, and forwarding the attack to your other Facebook friends.
Some users have reported being taken to a fake Facebook login page, which attempts to steal their usernames and passwords. Others have also reported being sent the link via Facebook’s instant messaging chat feature.
In those examples, users who clicked on the video thumbnails were instead taken to an application that told them that if they wished to view the video they had to install an updated player onto their PC. The software downloaded by the users was, in reality, revenue-generating adware. Furthermore, when users gave permission to the Facebook application to execute, it spread the message virally to all of their Facebook friends.
Hopefully, before too much harm is done, Facebook’s security team will be hard at work shutting down the rogue applications sending these messages as soon as they pop up.
If you made the mistake of clicking on the video link, please play safe by: warning any friends you may have passed the message on to, scanning your computer with an up-to-date anti-virus, changing your Facebook password, checking your application settings and removing any apps you don’t recognise.
If you’re a regular user of Facebook, you should join the Sophos page on Facebook to keep up-to-date on security issues.