Having been around this computer thing, and the online world, for a long time I am never surprised when I hear of some new vector being exploited by malware and the people that create them. So hearing that Facebook has become the newest platform of these jerk-offs doesn’t come as any great shock.
Just like the new one that is apparently making the rounds on Facebook right now through their chat service. It works by hijacking a users’ chat in order to spread a download link to a piece of software that will install a Dorkbot malware program when clicked on.
The malware gives the malware author access to the accounts of the infected user, which in turn allows it to send the same malware infected link to their friends, according to the folks over at the Sophos Naked Security blog.
Sophos is also reporting that Facebook’s own anti-virus hasn’t been able to detect the trojan and as a result it is continuing to spread through the net via Facebook.
The download link points to an image of two blonde women, however, it has been infused with a malicious screensaver. When the malicious program begins to execute, it attempts to download more malware files hosted on a compromised Israeli website. The worm has been developed using Visual Basic 6.0 and “contains numerous Anti-VM tricks directed against VMware, Sandboxie, Virtual Box, etc.,” according to the Dutch CSIS Security Group, which first detected the spread of the worm.
With some 800 million users, not all of whom are technically literate or security conscious, this kind of infection attack is going to see a large degree of success and it means that Facebook has to be more proactive in this area.