Facebook chat worm continues to spread

Filed Under: Facebook, Featured, Malware, Privacy, Social networks

Facebook crackLast week Naked Security warned of a Facebook worm that was spreading on the social network, tricking users into believing that they were clicking on a link to an image.

The bad news is that the attack appears to still appears to be spreading via Facebook's chat system, exploiting compromised users' accounts.

An analysis by SophosLabs has identified that malware designed to install the Dorkbot worm onto users' computers is being spread via Facebook chat. And, for now at least, Facebook's built-in security systems are not preventing it.

Facebook chat log, including malicious link

It wasn't the Facebook friend you are chatting with who sent that message, it was the Dorkbot malware instead. The link may appear - on casual observation - to point to Facebook.com, but in reality it goes to a third-party website.

Although an unsuspecting user may believe that they are clicking on a link to a JPG image, the truth is that they are downloading an executable file that attempts to download further code (another piece of malware) from the net and drops a .BAT batch file onto infected computers.

The ultimate aim of all this malicious activity is to install the Dorkbot malware onto your Windows computer.

Sophos products detect the files as the Troj/VB-FRI and Troj/VB-FRJ Trojan horse respectively.

Clearly it's time, if you haven't already learnt the lesson, to realise that you should always be wary of links shared by friends on social networks - after all, how can you tell it was a friend who sent it or a piece of malware on their computer?

Make sure that you keep informed about the latest malware attacks, scams and other threats on Facebook. Join the Sophos page on Facebook, where over 150,000 people regularly share information on threats and discuss the latest security news.

Hat-tip: Thanks to Naked Security reader Rajesh for sending us the screenshot.

, , ,

You might like

36 Responses to Facebook chat worm continues to spread

  1. guest · 1404 days ago

    Given that this works within Facebook, does it affect Mac OS X and Linux/BSD users too?

  2. HappyMacUser · 1404 days ago

    Clearly it's time, if you haven't learned the lesson by now, NOT TO HAVE A WINDOWS COMPUTER!!!!!!!

    • Rich · 1404 days ago

      why do you care, if it wasn't for pc users macs would get all the attention.

    • Philo · 1404 days ago

      But of course! After all, EVERYONE knows Macs can't get viruses! *Facepalm* heh heh heh

    • HappyLinuxUser · 1404 days ago

      Clearly its time, if you haven't learned the lesson by now. To realise malware can affect any computer regardless of its operating system.

    • Rurouzaru · 1404 days ago

      You can talk when you start using Linux instead of that watered down, over priced piece of crap you think is a real computer.

      • CodArk2 · 1403 days ago

        Nothing is inherently better about linux. Its a geeks OS. There are reasons fewer people use it than mac os after all. Overpriced is relative, i think they are reasonably priced for what they do and how they are built. A mac is a real computer, just as linux and windows are real computers, saying otherwise just cements you as a fanboy as well

    • Cool! You'll buy me a new Apple computer? How sweet of you.

    • Josh · 1404 days ago

      Macs have viruses to but not as many but the number is growing everyday and you often see mac viruses which try to blackmail mac users into handing over money. Mac users are target for this because Macs cost more money and so Virus programmers think they can squeeze more money out of you. People would be fine if they:

      A. Patch their windows PC's with windows updates
      B. Updated Virus definitions and Scan their computers once a week
      C: Updated all software to the latest version
      D: Not falling for silly phishing scams
      I'm not defending windows but your comment makes you look silly all computer operating systems are vulnerable.

    • barcode · 1404 days ago

      Werd! Linux FTW!!!

    • shortstop20 · 1404 days ago

      If Everybody bought a Mac computer they'd simply design more malware for Mac's.

      The high quantity of Windows malware compared to Mac's is reflective of market share, nothing more.

      • AnoneeMouse · 1404 days ago

        You, obviously, have no clue about how OS's are built.

    • Dude weres my car · 1404 days ago

      reason for macs not having as many viruses......THEY SUCK. The only thing Macs are good for is writing in word, or making spreadsheets in excel.

      • CodArk2 · 1403 days ago

        typical troll. they have fewer viruses because of how they are built as an OS, as well as having a smaller marketshare. Macs can do anything other computers can do, if you can't then thats a user failing, not a computer one

  3. Stormland · 1404 days ago

    Hey, HappyMacUser, not everybody wants to pay triple the price for a name. There will be just as many threats for Apple products in the coming months and years as there will be for PC.

    • AnoneeMouse · 1404 days ago

      So says the OBVIOUSLY uninformed!

    • AnoneeMouse · 1404 days ago

      No, they would rather aspend like 100x the time scanning, updating and protecting their POS Windows box rather than using it - LOL!!

  4. CaptKAOS · 1404 days ago

    More like time to NOT have a computer...PERIOD!! :)

  5. LearnTribe · 1404 days ago

    Ah the clarion call of the blinkered Mac user. Wise up - another name for Apple products is virus carrier - they need a/v too. Only irresponsible users think Macs can't get infected.

  6. Tyw7 · 1404 days ago

    Hi happymac [troll], do you realize Mac have viruses too?

    One thing that puzzle me how can a internal Facebook link point to the malware? The url looks correct with no intentional typos.

  7. drayush · 1404 days ago

    Not even a single OS at present is safe, I am a firm believer in fighting against the problem so I don't agree with the previous comment by MacUser., moreover though there are 100s of thousands threats are available for Windows OS , Macs are not safe though.
    People hardly know about viruses and their jeopardizing effect on their lives. As today we all are flaunting ourselves to online world it's utmost important for all of us to know about the Cybercrime and what not or what to be done in order to keep ourselves connected without affecting our computers.
    "Prevention is better than cure" so keep yourself updated about the things which you are exploring.
    And until next time.... Stay Secure.. ;)

    • AnoneeMouse · 1404 days ago


      Mac OS X is NOT affected!

      • Tots · 1404 days ago

        You sound like the kind of user who doesnt care that thier system has lots of windows Malware on it and is infecting lots of other machines across the globe as you are not affected by this.

        While this may not be the case it is certainly how you come across, incidentally, what happened to the concept of good 'net citizenship? clean up your back yard so it does not impact others, try it, you may be surprised by how effective it is rather than being another fan boy/girl.

  8. Bazza · 1404 days ago

    Lil' lesson for you HappyMacUser... malware exists on non-Windows platforms.
    Open your eyes/mind.

  9. Aunty Mac · 1404 days ago

    Mac's have viri too m8, even the ipad is susceptible. Just, costs you a lot more to clean the mess up :D lol

  10. Freddy · 1404 days ago

    Macs have been less of a target due to the lower number of machines to infect. As the numbers go up, and as more people target Apple like they targeted Microsoft, there will be more and more holes. It's not always just crappy programming (although there is a lot of that), but revisions, other eyes on code, people leaving doors for themselves, etc. As long as there is code, there will be problems. Just be thankful that Macs haven't been as targeted so far.

  11. Cindy B · 1404 days ago

    I think as long as there is a world wide web we will have viruses, Mac & Windows both. People are always searching for a way o steal things and replicate them. Counterfeiting and theivery where ever you go. Hackers will always try to find a way in.Best thing to do is pay safe. An ounce of prevention is worth a pound of cure. Wake up everybody and look on links as a possible virus that need to be checked before you EVER blindly click on them.

  12. Tim · 1403 days ago

    Tyw7 - I don't think that is is actually an internal Facebook link. if you look at it it is facebook.com.(something). My guess would be that the .something is its top level domain (instead of .com) and that the third party purchased it know it looks just like a legitimate facebook link. A lot of malicious code and/or users use this technique so be careful!

  13. Jennifer · 1403 days ago

    Don't over react. Don't go to links from in chat window, don't talk to strangers. It's also REALLY obvious when it's not a real person. My Windows alerts me to threats as well. I also use AVG so yeah I'm good.

  14. Jennifer · 1403 days ago

    After commenting on here someone tried hacking me! I got a screenshot of the conversation if you want to post it.

  15. Eh it's avoidable.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at https://grahamcluley.com, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley