New Facebook Worm: OMG Why Are You Tagged In This Vid

It is no secret that Facebook is currently the hottest and happening destination in the online world. And unfortunately this also makes it the ‘hottest hacker’s magnet‘! There has been a recent case of a new Facebook worm spreading fast. The worm disguises itself as a message from a friend on the user’s Wall, stating “WTF I cant believe youre tagged in this vid” or “ROFL I cant believe youre tagged in this video” or “OMG why are you tagged in this vid“.

Here are some more variation of wall post phrases that this worm seems to be using while spreading on Facebook:

1. OMG <your facebook profile name> you should untag yourself in this vid
2. OMG <your facebook profile name> why are you in this vid
3. hey <your facebook profile name> you look so stupid in this vid
4. hey <your facebook profile name> why are you in this vid
5. hey <your facebook profile name> i can’t believe youre tagged this vid
6. ROTFL <your facebook profile name> what are you doing in this vid

When the user clicks on the video, it seems to be loading in an enlarged video player window.

But the real problem starts when the user clicks on the apparently innocent ‘Play’ button on the enlarged video screen. Once you click the Play button, it does not play any video, but instead displays a message that reads, “Select Address bar.  Press Ctrl+V. Press Enter.

But here is what it does in the background. As soon as the user had clicked on the first video link, it starts scanning the user’s friends list and generates a malicious code, which the worm copies into the clipboard memory.

When the user selects the address bar and presses <CTRL>+<V> (which is the keyboard shortcut for paste) then <ENTER> , he/she ends up posting a similar OMG why are you tagged in this vid type message on one of his/her friend’s Wall.

At this moment, it is not yet known what kind of data, apart from your friends list, is accessed by the worm. But knowing some of the past Facebook worms and their malicious abilities, the possibilities of this OMG/WTF worm can be scary!

So how to prevent this spam? Simple, don’t click on any suspicious links in Facebook however attractive it may appear! Hackers are just exploiting the curious nature of human mind to good use in doing their job. To avoid getting such malicious wall messages, you may restrict other people (who are NOT your friends and not in your contact list) from posting on your wall. For doing this, choose:

Account -> Privacy Settings -> Customize Settings -> Things others share -> Friends can post on my Wall ( Enable / Disable ).”

13 Comments

Add a Comment

Your email address will not be published. Required fields are marked *

7 − 6 =

CommentLuv badge