Invitations to salacious or funny videos could lead to adware, Sophos warns

Dark Reading Staff, Dark Reading

May 25, 2010

1 Min Read

Just a week after hackers offered Facebook users the "Sexiest Video Ever" -- a promise that led to some nasty adware -- a new "video" has appeared, luring users to view "Distracting Beach Babes."

According to a blog by Sophos researcher Graham Cluley, this is the second straight weekend in which Facebook users have been broadly targeted with malware disguised as humorous or titillating video, apparently sent by friends or associates on the social networking site.

"The 'Distracting Beach Babes' scam appears to be the latest incarnation of the widespread 'Sexiest Video Ever' assault we saw spreading on Facebook last weekend, installing adware onto victims' computers, which can make money for the hackers behind the attack," Cluley blogged.

"Clicking on the 'video' link takes you to a rogue Facebook application. If you agree to give it permission to run [in your feverish desire to watch the video], then it will display a bogus message advising that you need to update your FLV player, and direct you to download adware to your computer. Meanwhile, the application has just forwarded the video in your name to all of your Facebook pals."

The exchange of such videos is common among friends on Facebook, and since the malware appears to be coming from trusted contacts, users can be easily taken in, Cluley said.

"If you have been hit, you should delete the offending message from your page, scan your computer with an up-to-date antivirus, change your passwords, [and] review your Facebook application settings [to ensure you have blocked the rogue application]," he said.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights