By Jill Scharr
An example bogus YouTube page, with nary a naked friend to be found. (BITDEFENDER)
Who doesn’t want to see naked videos of his or her Facebook friends? That’s the premise of a new malware-distribution scam that has infected 2 million people, according to Romanian anti-malware company Bitdefender.
The scam, which spreads a piece of malware called Trojan.FakeFlash.A, first appears as an advertisement on Facebook pages with a title such as “[Friend’s name]’s private video ” or “[friend’s name]’s naked video.” You’ll also see a picture of that friend, drawn from your friend’s Facebook photos, in the ad.
Clicking on the link leads you to a fake YouTube page so realistic that it even has an age gate, which claims the video’s content is restricted due to YouTube’s community guidelines. The age gate is easy to bypass, but once you get to the actual video, the page will claim Adobe Flash Player has crashed and you need to install an update.
Needless to say, you shouldn’t install that fake Flash Player update. But it may be too late, because the malicious YouTube page will attempt to infect your browser with a drive-by download as soon as you land on it.
The downloaded Trojan installs itself as a browser extension, accesses your own Facebook photos and then repeats the infection process by promising your Facebook friends more naked videos — this time, of you.
Good anti-virus software will block the drive-by download, but you might still be tricked into clicking the “Update Flash Player” button on the fraudulent YouTube player, which also triggers the infection.
This naughty Trojan has appeared in the wild only recently, but it’s already hit several countries, including the United States, says Bitdefender.
Attacks based on fraudulent Flash Player installers have been around for years. This one is spreading particularly rapidly, thanks to its ability to install itself in multiple ways.
If you don’t want this scam to catch you with your pants down, install robust anti-virus software that protects your browser from drive-by downloads. And never, ever click on a broken video clip that offers an Adobe Flash Player update. Instead, go straight to the Adobe site http://get.adobe.com/flashplayer/.