Thousands of Facebook users are reporting that they have been hit by a malware attack posing as a video of young bikini-clad women on a beach.
The messages are posted on the walls of Facebook members, seemingly from their friends and associates on the site, with a thumbnail which appears to be an image of a young woman’s bottom in a bikini.The messages read:
<name>, this is hilarious! lol 😛 😛 😛 Distracting Beach Babes [HQ] Length: 5:32
The “Distracting Beach Babes” scam appears to be the latest incarnation of the widespread “Sexiest Video Ever” assault we saw spreading on Facebook last weekend, installing adware onto victims’ computers which can make money for the hackers behind the attack.
And you shouldn’t be in any doubt as to how successful a scheme like this can be. Many Facebook users are all-too-comfortable with receiving salacious videos and humourous links from their friends, and will click on them without a moment’s thought. Unfortunately that can then begin a bombardment of malicious posts to their social networking contacts – do you really want a blitz like this unleashed in your name?
Fortunately, some Facebook users are using the medium to warn each other of the threat:
If you have been hit, you should delete the offending message from your page, scan your computer with an up-to-date anti-virus, change your passwords, review your Facebook application settings. Also, learn an important lesson: don’t be so quick to click on unsolicited links and approve unknown applications in the future.
Perhaps most importantly, tell your friends to also do the same.
I’m beginning to wonder if the cybercriminals deliberately launch these campaigns on the weekends, imagining that anti-virus researchers and Facebook’s own security team might be snoozing.
If you’re regular user of Facebook, why not join the Sophos page on Facebook? We’ll do our best to ensure you are kept up-to-date with the latest security news.