Facebook 'sexiest video' malware spreading virally

If you get a posting on your Facebook wall saying something like "this is without doubt the sexiest video ever! :P :P :P" which might be accompanied by a video titled "Candid Camera Prank" DON"T click on the video: it's a lead-in to malware.

If you click on the link it will take you to what looks like a Facebook application which then tells you that your video player is out of date – and encourages you to download a file.

If you do what it asks, then the same "video" plus link gets posted using your profile photo to all your friends on Facebook -– meaning it is spreading virally.



The file seems to install a piece of adware called Hotbar, which thus generates revenue for the malware writer. (About Hotbar: "displays a dynamic toolbar and targeted pop-up ads based on its monitoring of Web-browsing activity. The toolbar appears in Internet Explorer and Windows Explorer. The toolbar contains buttons that can change depending on the current Web page and keywords on the page. Clicking a button on the toolbar may open an advertiser Web site or paid search site. Hotbar also installs graphical skins for Internet Explorer, Outlook, and Outlook Express. Hotbar may collect user-related information and may silently download and run updates or other code from its servers.")

via guardian.co.uk