The Facebook porn Trojan claims over 100,000+ victims in just two days.

The malicious software “tags” the infected user’s friends in an enticing post.

It has been less than a week since a warning was first issued by researcher Mohammad Reza Faghani about a new trojan “propagating through Facebook which was able to infect more than 110,000 users only in only two days,” reports AVN.

The malicious software, he added, “tags the infected user’s friends in an enticing post. Upon opening the post, the user will get a preview of a porn video which eventually stops and asks for downloading a (fake) flash player to continue the preview. The fake flash player is the downloader of the actual malware.”

Faghani continued, “This trojan is different from the previous trojans in online social network in some techniques. For instance, the previous trojans sent messages (on behalf of the victim) to a number of the victim’s friends.”

Upon infection of those friends, the malware could go one step further and infect the friends of the initial victim’s friends.

“In the new technique, which we call it ‘Magnet,’ the malware gets more visibility to the potential victims as it tags the friends of the victim in a the malicious post,” he added. “In this case, the tag may be seen by friends of the victim’s friends as well, which leads to a larger number of potential victims. This will speed up the malware propagation.”

Ominously, Faghani reported that during his initial investigations, the malware also was able to hijack keyboard and mouse movements, He also noted, “Existence of the chromium.exe in the Windows processes, is an Indication of Compromise (IoC). The malware tries to connect to the following network upon execution: www.filmver.com and www.pornokan.com.”

Yesterday saw a flurry of stories on the new threat, including by ThreatPost.com, which first reported on the bug Friday and which yesterday updated its story with a comment from Facebook.

“We use a number of automated systems to identify potentially harmful links and stop them from spreading,” a spokesperson told the site.

“In this case, we’re aware of these malware varieties, which are typically hosted as browser extensions and distributed using links on social media sites. We are blocking links to these scams, offering cleanup options, and pursuing additional measures to ensure that people continue to have a safe experience on Facebook.”

PC Advisor offers some advice about how to avoid the virus


The best selection of Jockstraps
  • Twitter
  • Google +
  • Tumblr