New facebook malware attack uses false video in wall posts

Sophos is warning users of Facebook to exercise caution when clicking on links in wall posts, following an attempt by hackers to infect computers by spreading messages containing malicious links on the popular social networking website.

Messages left on Facebook users’ walls are urging members to view a video (which pretends to be hosted on a Google website), but clicking on the link and visiting the webpage actually takes users to a site which asks them to download an executable to watch the movie. 

Sophos warns that the dangerous Facebook messages include a link to a third party website of the form:

http://www.google.com.id. [removed] .cn/gallery.php?id=…

The executable file, detected by Sophos as the Troj/Dloadr-BPL Trojan horse, then downloads further malicious code (detected as Troj/Agent-HJX), and displays an innocent image of a court jester sticking his tongue out.

Sophos experts believe that businesses need to set policies regarding Facebook usage, and implement web security solutions, to prevent dangers entering the workplace.