A dangerous worm has been spreading through Facebook’s messaging system since last week. It has been trying to hijack users’ chats to spread a download link in an effort to compromise their computers and infect them with a Dorkbot malware program.
The malware gives access to the accounts of the compromised users, which allows it to send a malware-infused JPG download link to their friends, according to reports on the Sophos Naked Security blog.
It is also reported that the malware is identified as the Troj/VB-FRI and Troj/VM-FRJ Trojan horses. However, Sophos reports that Facebook’s own anti-virus isn’t able to detect the malware, and that it is continuing to spread across the social networking site.
The download link points to an image of two blonde women; however, it has been infused with a malicious screensaver. When the malicious program begins to execute, it attempts to download more malware files hosted on a compromised Israeli website. The worm has been developed using Visual Basic 6.0 and “contains numerous Anti-VM tricks directed against VMware, Sandboxie, Virtual Box, etc.,” according to the Dutch CSIS Security Group, which first detected the spread of the worm.
Sophos reveals that the link shared by the malware uses a “facebook.com” sub-domain, which easily tricks users on Facebook. Clicking on the link will download and install the Dorkbot malware on your Windows computer.
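The check below is an added example, not code from Sophos, CSIS or the original article. It shows how a link filter can tell a genuine facebook.com host from one that only carries “facebook.com” as a sub-domain label, and how it can flag a download whose real extension is a Windows executable such as a screensaver. The function names and sample URLs are constructed for illustration; the article does not give the actual link.

```python
from urllib.parse import urlsplit

TRUSTED = "facebook.com"  # the brand the lure imitates
# Extensions Windows runs as programs; .scr is a screensaver executable.
EXECUTABLE_EXTS = (".scr", ".exe", ".pif", ".bat", ".cmd")


def _host(url):
    """Return the lowercased hostname of a URL, tolerating a missing scheme."""
    if "://" not in url:
        url = "http://" + url
    return (urlsplit(url).hostname or "").rstrip(".").lower()


def host_is_trusted(url, trusted=TRUSTED):
    """True only when the host IS the trusted domain or a real sub-domain of it."""
    host = _host(url)
    return host == trusted or host.endswith("." + trusted)


def brand_in_wrong_place(url, trusted=TRUSTED):
    """True when the brand appears in the host but the host is not the brand's."""
    return trusted in _host(url) and not host_is_trusted(url, trusted)


def executable_target(url):
    """True when the final extension of the path is an executable type."""
    if "://" not in url:
        url = "http://" + url
    filename = urlsplit(url).path.lower().rsplit("/", 1)[-1]
    return filename.endswith(EXECUTABLE_EXTS)


def triage(url):
    """Return the list of findings for one link, in a fixed order."""
    findings = []
    if brand_in_wrong_place(url):
        findings.append("lookalike-host")
    if executable_target(url):
        findings.append("executable-download")
    return findings


if __name__ == "__main__":
    # Constructed samples on a reserved example domain.
    for link in ("http://facebook.com.example.net/photo.jpg.scr",
                 "https://www.facebook.com/photo.php?fbid=1"):
        print(link, triage(link))
```

The comparison is anchored at the right-hand end of the hostname because that is the part the domain owner controls; anything to the left of it can be chosen freely by whoever registered the domain.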
With over 800 million users, Facebook can’t afford to let scammers spread links which are harmful to its users. Although the Facebook anti-virus isn’t able to detect the malware, Facebook needs to take precautionary measures by blocking the link on the site and preventing it from spreading further. However, make sure that you DO NOT click on irrelevant links on Facebook. Also, it’s advised that you have your computer scanned for any malware installed on your system.
As a precautionary measure, always check which applications you use and remove unwanted or suspicious ones. If you aren’t sure how to do it, you can always check our guide on removing apps from Facebook. In addition to that, don’t forget to check out our article about Avoiding Facebook Lifejacking and Clickjacking scams.