Feeds

Facebook filth flood – Fawkes Virus to blame?

Objectionable tsunami surges up Walls

Next gen security for virtualised datacentres

The newsfeeds of numerous Facebook users have become flooded with filth – specifically violent and pornographic images – as the result of an attack against the social network over the last day or so.

Objectionable content such as photoshopped images of celebrities such as Justin Bieber in sexual situations, violent pictures and depictions of an abused dog have appeared on the social network. Victims confronted by these images have taken to Twitter to vent express their outrage, as is the local custom.

Net security firm Sophos was among the first to warn of the apparent outbreak, following first-hand reports of the outrage by readers of its Naked Security blog. The mechanism behind the spread of the offensive content remains unclear, although some form of clickjacking attack is one obvious contender.

The motives behind that attack – much less its perps – also remain anybody's guess, though one obvious suspect has to be Anonymous. The shock content fits Anonymous' style, or at least its 4chan roots, and supposed members of the group have been threatening Facebook of late.

A supposed 5 November campaign against Facebook, disavowed by prominent members of Anonymous months ago, came to nothing. We were inclined to write off another threat that surfaced on Friday as probably another hoax (or damp squib) but perhaps we spoke too soon.

A purported member of Anonymous announced its intention to release a “highly sophisticated” worm onto Facebook last week. The so-called Fawkes Virus consists of a "highly sophisticated worm, with advanced network self-replication and remote abilities,” according to the message. It “sends out malicious links and gains access to your account”, something that might fit with the outbreak of filth reported by Sophos.

"If it’s not a hoax, it appears to have the characteristics of 2008's KoobFace, but unlike its predecessor it should also receive commands from a remote attacker and simulate 'basic actions on Facebook accounts, such as sending a friend request or a message'," Razvan Livintz, an analyst at Romanian anti-malware firm BitDefender wrote last Friday.

The supposed activist released a video discussing the malware, whose original creation date matched that of a Trojan, called Bifrose-AAJX, detected by Romanian anti-malware firm BitDefender since 8 July.

Last Friday (11 November), links to download Bifrose-AAJX appeared on Facebook under the guise of a scam purporting to offer a "New Facebook Video Chat with Voice Features". Users were encouraged to follow a link to download the software, actually a backdoor that logs keystrokes and gets up to all manner of other mischief.

Aside from the timing there's nothing much to link the Bifrose-AAJX scam with the Fawkes virus, as BitDefender acknowledges. "It doesn't have the self-replication component Anonymous said it should have. It does connect to a remote server in Egypt instead, which is something the video 'forgot' to mention," Bitdefender staffer George Lucian Petre wrote on Saturday.

So to summarise a somewhat confusing situation: objectionable content is appearing in users' news feeds on Facebook for reasons unknown. This may or may not be linked to a threatened malware-powered attack against the social network by someone purporting to represent Anonymous.

We're asking Facebook to comment on the situation and will update this story as and when we hear more. ®

5 things you didn’t know about cloud backup

More from The Register

next story
The Return of BSOD: Does ANYONE trust Microsoft patches?
Sysadmins, you're either fighting fires or seen as incompetents now
Oracle reveals 32-core, 10 BEEELLION-transistor SPARC M7
New chip scales to 1024 cores, 8192 threads 64 TB RAM, at speeds over 3.6GHz
Docker kicks KVM's butt in IBM tests
Big Blue finds containers are speedy, but may not have much room to improve
US regulators OK sale of IBM's x86 server biz to Lenovo
Now all that remains is for gov't offices to ban the boxes
Gartner's Special Report: Should you believe the hype?
Enough hot air to carry a balloon to the Moon
Flash could be CHEAPER than SAS DISK? Come off it, NetApp
Stats analysis reckons we'll hit that point in just three years
Dell The Man shrieks: 'We've got a Bitcoin order, we've got a Bitcoin order'
$50k of PowerEdge servers? That'll be 85 coins in digi-dosh
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.