Strategy, Threat intelligence, Threats, Malware

More than 100K Facebook users infected by porn malware

February 2, 2015

In only two days, more than 100,000 Facebook users have been infected with a new trojan that drops when a victim attempts to watch a porn video.

The attack, detailed by researcher Mohammad Faghani, tags an infected user's friends in a post that advertises a pornographic video. If opened, the post offers a preview clip but then stops and instructs users to download a “flash player” to continue watching. The player, in actuality, is the downloader of the malware.

The trojan can hijack the keyboard and mouse movement, Faghani reported, and covertly propagates by limiting its tags to less than 20 of the victims' friends.

Faghani refers to the technique as “magnet” because of the way in which it tags friends, thus improving its visibility as more friends see the tagged post.

prestitial ad