Always avoid clicking on Facebook links that may be sent from another user, which are out-of-character or a potentially dangerous site. Facebook security administrators have responded to reduce spread of this new threat.
A new trojan is propagating through Facebook which was able to infect more than 110,000 users only in only two days.
Propagation — The trojan tags the infected user’s friends in an enticing post. Upon opening the post, the user will get a preview of a porn video which eventually stops and asks for downloading a (fake) flash player to continue the preview. The fake flash player is the downloader of the actual malware.
Background — We have been monitoring this malware for the last two days where it could infect more than 110K users only in two days and it is still on the rise. This malware keeps its profile low by only tagging less than 20 user in each round of post. This trojan is different from the previous trojans in online social network in some techniques. For instance, the previous trojans sent messages (on behalf of the victim) to a number of the victim’s friends. Upon infection of those friends, the malware could go one step further and infect the friends of the initial victim’s friends.
New “Magnet” technique – Malware gets more visibility to the potential victims as it tags the friends of the victim in a the malicious post. In this case, the tag may be seen by friends of the victim’s friends as well, which leads to a larger number of potential victims. This will speed up the malware propagation.