Last week Naked Security warned of a Facebook worm that was spreading on the social network, tricking users into believing that they were clicking on a link to an image.
The bad news is that the attack appears to still appears to be spreading via Facebook’s chat system, exploiting compromised users’ accounts.
An analysis by SophosLabs has identified that malware designed to install the Dorkbot worm onto users’ computers is being spread via Facebook chat. And, for now at least, Facebook’s built-in security systems are not preventing it.
It wasn’t the Facebook friend you are chatting with who sent that message, it was the Dorkbot malware instead. The link may appear – on casual observation – to point to Facebook.com, but in reality it goes to a third-party website.
Although an unsuspecting user may believe that they are clicking on a link to a JPG image, the truth is that they are downloading an executable file that attempts to download further code (another piece of malware) from the net and drops a .BAT batch file onto infected computers.
The ultimate aim of all this malicious activity is to install the Dorkbot malware onto your Windows computer.
Sophos products detect the files as the Troj/VB-FRI and Troj/VB-FRJ Trojan horse respectively.
Clearly it’s time, if you haven’t already learnt the lesson, to realise that you should always be wary of links shared by friends on social networks – after all, how can you tell it was a friend who sent it or a piece of malware on their computer?
Make sure that you keep informed about the latest malware attacks, scams and other threats on Facebook. Join the Sophos page on Facebook, where over 150,000 people regularly share information on threats and discuss the latest security news.
Hat-tip: Thanks to Naked Security reader Rajesh for sending us the screenshot.
36 comments on “Facebook chat worm continues to spread”
Given that this works within Facebook, does it affect Mac OS X and Linux/BSD users too?
I would think it would only if you were running Windows on your mac machine, which some people, for some reason do.
“Koobface worm targets Mac users on Facebook, Twitter”
Sorry but YES MAC has had the Facebook worm before Windows.
Clearly it's time, if you haven't learned the lesson by now, NOT TO HAVE A WINDOWS COMPUTER!!!!!!!
why do you care, if it wasn't for pc users macs would get all the attention.
But of course! After all, EVERYONE knows Macs can't get viruses! *Facepalm* heh heh heh
Clearly its time, if you haven't learned the lesson by now. To realise malware can affect any computer regardless of its operating system.
You can talk when you start using Linux instead of that watered down, over priced piece of crap you think is a real computer.
Nothing is inherently better about linux. Its a geeks OS. There are reasons fewer people use it than mac os after all. Overpriced is relative, i think they are reasonably priced for what they do and how they are built. A mac is a real computer, just as linux and windows are real computers, saying otherwise just cements you as a fanboy as well
Cool! You'll buy me a new Apple computer? How sweet of you.
Macs have viruses to but not as many but the number is growing everyday and you often see mac viruses which try to blackmail mac users into handing over money. Mac users are target for this because Macs cost more money and so Virus programmers think they can squeeze more money out of you. People would be fine if they:
A. Patch their windows PC's with windows updates
B. Updated Virus definitions and Scan their computers once a week
C: Updated all software to the latest version
D: Not falling for silly phishing scams
I'm not defending windows but your comment makes you look silly all computer operating systems are vulnerable.
Werd! Linux FTW!!!
If Everybody bought a Mac computer they'd simply design more malware for Mac's.
The high quantity of Windows malware compared to Mac's is reflective of market share, nothing more.
You, obviously, have no clue about how OS's are built.
reason for macs not having as many viruses……THEY SUCK. The only thing Macs are good for is writing in word, or making spreadsheets in excel.
typical troll. they have fewer viruses because of how they are built as an OS, as well as having a smaller marketshare. Macs can do anything other computers can do, if you can't then thats a user failing, not a computer one
Hey, HappyMacUser, not everybody wants to pay triple the price for a name. There will be just as many threats for Apple products in the coming months and years as there will be for PC.
So says the OBVIOUSLY uninformed!
No, they would rather aspend like 100x the time scanning, updating and protecting their POS Windows box rather than using it – LOL!!
More like time to NOT have a computer…PERIOD!! 🙂
Ah the clarion call of the blinkered Mac user. Wise up – another name for Apple products is virus carrier – they need a/v too. Only irresponsible users think Macs can’t get infected.
Hi happymac [troll], do you realize Mac have viruses too?
One thing that puzzle me how can a internal Facebook link point to the malware? The url looks correct with no intentional typos.
I obscured part of the url. It's not an internal Facebook link.
http://nakedsecurity.sophos.com/2011/10/03/mac-ma… – worth a read!
Not even a single OS at present is safe, I am a firm believer in fighting against the problem so I don't agree with the previous comment by MacUser., moreover though there are 100s of thousands threats are available for Windows OS , Macs are not safe though.
People hardly know about viruses and their jeopardizing effect on their lives. As today we all are flaunting ourselves to online world it's utmost important for all of us to know about the Cybercrime and what not or what to be done in order to keep ourselves connected without affecting our computers.
"Prevention is better than cure" so keep yourself updated about the things which you are exploring.
And until next time…. Stay Secure.. 😉
Mac OS X is NOT affected!
You sound like the kind of user who doesnt care that thier system has lots of windows Malware on it and is infecting lots of other machines across the globe as you are not affected by this.
While this may not be the case it is certainly how you come across, incidentally, what happened to the concept of good 'net citizenship? clean up your back yard so it does not impact others, try it, you may be surprised by how effective it is rather than being another fan boy/girl.
Mac OS X IS affected by malware: http://nakedsecurity.sophos.com/?s=mac+malware
Lil' lesson for you HappyMacUser… malware exists on non-Windows platforms.
Open your eyes/mind.
Mac's have viri too m8, even the ipad is susceptible. Just, costs you a lot more to clean the mess up 😀 lol
Macs have been less of a target due to the lower number of machines to infect. As the numbers go up, and as more people target Apple like they targeted Microsoft, there will be more and more holes. It's not always just crappy programming (although there is a lot of that), but revisions, other eyes on code, people leaving doors for themselves, etc. As long as there is code, there will be problems. Just be thankful that Macs haven't been as targeted so far.
I think as long as there is a world wide web we will have viruses, Mac & Windows both. People are always searching for a way o steal things and replicate them. Counterfeiting and theivery where ever you go. Hackers will always try to find a way in.Best thing to do is pay safe. An ounce of prevention is worth a pound of cure. Wake up everybody and look on links as a possible virus that need to be checked before you EVER blindly click on them.
Tyw7 – I don't think that is is actually an internal Facebook link. if you look at it it is facebook.com.(something). My guess would be that the .something is its top level domain (instead of .com) and that the third party purchased it know it looks just like a legitimate facebook link. A lot of malicious code and/or users use this technique so be careful!
Don’t over react. Don’t go to links from in chat window, don’t talk to strangers. It’s also REALLY obvious when it’s not a real person. My Windows alerts me to threats as well. I also use AVG so yeah I’m good.
After commenting on here someone tried hacking me! I got a screenshot of the conversation if you want to post it.
Eh it's avoidable.