The new pretend-porn trojan was fast enough: it has infected over 110,000 Facebook users in a couple days. It works as follows: one of user’s Facebook friends shares a porn video and it appears in the user’s news feed. After it is clicked, it asks the user to install an update for the Flash software, instead installing malware.
The malware tags the infected user’s friends in a post containing porn video clip. The clip itself can’t be played, as it asks to download a (fake) flash player to run. Of course, instead it downloads the actual malware. Security experts revealed they have been monitoring the new malware for the last 2 days where it managed to infect over 110,00 users and remains on the rise.
Once the trojan infects someone’s account, it re-shares the video adding up to 20 tags of their friends. This helps it spread faster than previous malware, which was distributing itself through private messaging on Facebook. The experts dubbed the new malware “Magnet” and explained it was able to hijack victims’ keyboard and mouse movements.
Of course, this is not the first time porn videos have been used in Facebook-targeted malware scams. For example, last summer, there was a scam designed to look like a YouTube video of someone stripping in front of their webcam.
In response, Facebook said they were aware of the latest malware, and were doing what they could to stop it spreading further across the network. Facebook used several automated systems in order to identify potentially harmful links and stop them from spreading. The company also explained that these malware varieties are normally hosted as browser extensions and distributed via links on social networks. Facebook blocks links to the scams, offers cleanup options and extra measures to make sure its users are safe.