Feeds

Facebook filth flood – Fawkes Virus to blame?

Objectionable tsunami surges up Walls

Top 5 reasons to deploy VMware with Tegile

The newsfeeds of numerous Facebook users have become flooded with filth – specifically violent and pornographic images – as the result of an attack against the social network over the last day or so.

Objectionable content such as photoshopped images of celebrities such as Justin Bieber in sexual situations, violent pictures and depictions of an abused dog have appeared on the social network. Victims confronted by these images have taken to Twitter to vent express their outrage, as is the local custom.

Net security firm Sophos was among the first to warn of the apparent outbreak, following first-hand reports of the outrage by readers of its Naked Security blog. The mechanism behind the spread of the offensive content remains unclear, although some form of clickjacking attack is one obvious contender.

The motives behind that attack – much less its perps – also remain anybody's guess, though one obvious suspect has to be Anonymous. The shock content fits Anonymous' style, or at least its 4chan roots, and supposed members of the group have been threatening Facebook of late.

A supposed 5 November campaign against Facebook, disavowed by prominent members of Anonymous months ago, came to nothing. We were inclined to write off another threat that surfaced on Friday as probably another hoax (or damp squib) but perhaps we spoke too soon.

A purported member of Anonymous announced its intention to release a “highly sophisticated” worm onto Facebook last week. The so-called Fawkes Virus consists of a "highly sophisticated worm, with advanced network self-replication and remote abilities,” according to the message. It “sends out malicious links and gains access to your account”, something that might fit with the outbreak of filth reported by Sophos.

"If it’s not a hoax, it appears to have the characteristics of 2008's KoobFace, but unlike its predecessor it should also receive commands from a remote attacker and simulate 'basic actions on Facebook accounts, such as sending a friend request or a message'," Razvan Livintz, an analyst at Romanian anti-malware firm BitDefender wrote last Friday.

The supposed activist released a video discussing the malware, whose original creation date matched that of a Trojan, called Bifrose-AAJX, detected by Romanian anti-malware firm BitDefender since 8 July.

Last Friday (11 November), links to download Bifrose-AAJX appeared on Facebook under the guise of a scam purporting to offer a "New Facebook Video Chat with Voice Features". Users were encouraged to follow a link to download the software, actually a backdoor that logs keystrokes and gets up to all manner of other mischief.

Aside from the timing there's nothing much to link the Bifrose-AAJX scam with the Fawkes virus, as BitDefender acknowledges. "It doesn't have the self-replication component Anonymous said it should have. It does connect to a remote server in Egypt instead, which is something the video 'forgot' to mention," Bitdefender staffer George Lucian Petre wrote on Saturday.

So to summarise a somewhat confusing situation: objectionable content is appearing in users' news feeds on Facebook for reasons unknown. This may or may not be linked to a threatened malware-powered attack against the social network by someone purporting to represent Anonymous.

We're asking Facebook to comment on the situation and will update this story as and when we hear more. ®

Beginner's guide to SSL certificates

More from The Register

next story
It's Big, it's Blue... it's simply FABLESS! IBM's chip-free future
Or why the reversal of globalisation ain't gonna 'appen
'Hmm, why CAN'T I run a water pipe through that rack of media servers?'
Leaving Las Vegas for Armenia kludging and Dubai dune bashing
Microsoft and Dell’s cloud in a box: Instant Azure for the data centre
A less painful way to run Microsoft’s private cloud
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
Windows 10: Forget Cloudobile, put Security and Privacy First
But - dammit - It would be insane to say 'don't collect, because NSA'
CAGE MATCH: Microsoft, Dell open co-located bit barns in Oz
Whole new species of XaaS spawning in the antipodes
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.