Facebook users hit in embarrassing porn malware attack
Fri 12 Jun 2015
Facebook timelines and newsfeeds have been littered with malicious malware spreading pornographic content across the social media site.
The attack plagued Indian users this week sending pornographic links to Facebook friends and posting the X-rated content in messages and on newsfeeds.
Cybersecurity experts at Agra Police identified the malware and claimed that it belongs to a virus strain belonging to the Kilim family.
Nitin Kasana of Agra Police said that the malicious attacks started with a single message on the social media platform which read ‘Watch urgent, because it is your video.’ She explained that every time a user opened the link, their timeline and message inbox was plastered with pornographic spam.
The security professional added that the original messages contained a shortened ow.ly URL link, which when followed led targets to a mock Amazon Web Services page. In reality, the fake page was a malicious site which was “used by crooks to verify the platform used by the victim, such as the desktop computer or mobile phone, and direct them to a different path depending on their machine.”
“Mobile users were redirected to affiliate pages containing various offers, while desktop users were asked to download a file from a folder containing the malware,” said Kasana.
“The file pretended to offer a collection of pornographic videos. The malicious file was a downloader for the Facebook worm, which comes in the form of a Chrome extension and additional binaries. The last part of the attack was to spread among the victims’ Facebook friends, by sending the lure message.”
One of the affected users, Atul Verma, commented: “I had to call and message over 50 people to inform them that my account has been hacked. I requested them not to open any files containing weird links. It was disgusting.”
Industry experts have warned those affected by the spamware to change their social network credentials, remove any suspicious extensions from their web browsers and to delete unnecessary Facebook applications.
