Naked Videos of Facebook Friends Turn Out to Be Trojans

Photo credit: dolphfyn/

The sexting craze has increasingly bled over into the social media realm, with Facebook and Twitter messaging of intimate photos becoming more common. Some are even posting links to “private” content on friends’ walls. And as if on cue, malware authors have moved to capitalize on the oversharing phenomenon, with a new scam that promises naked videos of friends but instead delivers a nasty bit of malware.

In the scam, which continues to spread on the social network, cybercriminals use a variety of messages that incorporate the names of Facebook friends alongside phrases like “private video,” “naked video” or “XXX private video.” The scam can multiply itself by rapidly tagging users’ friends, according to Bitdefender, which uncovered the infection (so to speak).

To make the scam more credible, cybercriminals also faked the number of views of the adult video to show that over 2 million users have allegedly clicked on the infected YouTube link. To add another touch of realism, the malware creators also added a message that the video is “age-restricted” based on “Community Guidelines.”

So what happens when a duped friend clicks? “When clicking the link that promises videos of their friends naked, users are redirected to a fake YouTube website where a FlashPlayer.exe file deploys a Trojan,” explained Catalin Cosoi, chief security strategist at Bitdefender, in an email statement. “A fraudulent web page advises that Adobe Flash Player has crashed and an update to the latest version is required. The malware then installs a browser extension capable of posting the scam on users’ behalf and stealing their Facebook pictures.”

Bitdefender found that the UK was the second most affected country by number of users, but infections were also detected in France, Germany, Italy and Romania.

Facebook scams are nothing new and are bound to persist as long as we as a species continue to like and post and poke and send Candy Crush Saga invites. In February, for instance, a fake “suggested post” advertising campaign targeting Spanish-speaking Facebook users with Android devices promised WhatsApp users the chance to spy on their contacts' conversations (3,752 Facebook likes) or the ability to hide the user's WhatsApp status (1,997 likes). They are not, however, genuine apps, but lures to trick users into downloading malicious apps.
