A new porn scam is spreading startlingly quickly through Facebook – one that has managed to spread malware to over 110,000 users in 48 hours, reports The Guardian.
A new porn scam is spreading startlingly quickly through Facebook – one that has managed to spread malware to over 110,000 users in 48 hours, reports The Guardian.
The scam works by a Facebook friend sharing what appears to be a pornographic videoclip, tagging in up to 20 of their friends. Upon visiting the page, though, the video clip will play the “first few seconds” of a video. A screenshot on Gizmodo shows what happens on Windows computers: a ‘half decoded’ image and a message saying, “Unfortunately, the video can not be opened.. Please Update the Adobe Flash Player.. Please Run the InstallFlashPlayer.exe After the installation is complete and try again!..”
Of course, the download does not fix the problem, instead infecting your computer with a trojan that will continue the cycle, tagging in your friends in the shared video. Interestingly, the scam is platform agnostic, able to detect what device the user is visiting the link from, and pointing them in the direction of the right malware for them. Neowin reports that it can distribute malware to “Android phones, PCs, PlayStation consoles, TV sets, smart cars, and media players.”
Mohammad Faghani, a security researcher who has been tracking the malware, reports the MD5 of the fake flash file as ‘cdcc132fad2e819e7ab94e5e564e8968’, and the SHA1 as ‘b836facdde6c866db5ad3f582c86a7f99db09784’. He says that an initial investigation of the malware finds it is capable of hijacking keyboard and mouse inputs.
Users with security software should be protected from the malware, which ESET detects as Win32/ExtenBro.AK.
In a statement, a spokesperson for Facebook said: “We use a number of automated systems to identify potentially harmful links and stop them from spreading. In this case, we’re aware of these malware varieties, which are typically hosted as browser extensions and distributed using links on social media sites.”
“We are blocking links to these scams, offering cleanup options, and pursuing additional measures to ensure that people continue to have a safe experience on Facebook.”
