Skip to main content

A new Facebook virus has already infected 800,000 users – here’s what you need to know

facebook virus has already infected 800000 users fb header
Image used with permission by copyright holder

There’s a new password-swiping virus spreading on Facebook, and once again the malware preys on the social trust accrued by the network.

Over 800,000 people have already been affected by the virus, which looks like a video sent by a friend. Once someone clicks on it, they are routed to a website that tells them they need to download a plug-in to watch the video.

Recommended Videos

And if they download the plug-in is when trouble starts. The download gives the malware creators access to a user’s password, often for email as well as Facebook and Twitter. This gives the attacker the ability to pretend to be their victim, potentially wringing more personal information out of their accounts. This is how the virus spreads; since the attackers have access to the infected accounts, they use those handles to reach out to other victims, spreading the video.

Carlo de Micheli, one of the researchers, told the New York Times that instances of the attacks were growing rapidly, with 40,000 new cases an hour.

Google responded by disabling browser extensions that allowed the attack, which may seriously impede future growth. But while the attackers were primarily using the Google Chrome browser, De Michelli said that the attackers were adapting their malware program to get around defensive measures, and that they had already adapted it for Mozilla Firefox.

This latest attack is troubling because it shows a substantially more sophisticated understanding of how to take advantage of Facebook to spread spam than other attacks. Because this type of attack, where the user is prompted to download a plug-in, is not very well-known, even users who are generally savvy about viruses can get duped. This isn’t your typical weight loss link popping up, supposedly recommended by your friend. This looks like it’s a message directly to you.

As malware attackers continue to innovate ways to get at your personal information, it’s important to assume that anything sent to you may be spam. Look for signs that an email or Facebook message is actually addressed to you – for instance, if you got this newest virus sent to you, it wouldn’t be a personalized message, but just a link from your friend. Do your friends often send you links without any comments? If so, tell them next time to put a little personal remark next to the link so you know it’s not a virus. Facebook, Chrome, and Firefox need to take safety precautions to avoid this kind of thing happening, but users also need to stay smart about what they open and what they download.

Kate Knibbs
Former Digital Trends Contributor
Kate Knibbs is a writer from Chicago. She is very happy that her borderline-unhealthy Internet habits are rewarded with a…
I paid Meta to ‘verify’ me — here’s what actually happened
An Instagram profile on an iPhone.

In the fall of 2023 I decided to do a little experiment in the height of the “blue check” hysteria. Twitter had shifted from verifying accounts based (more or less) on merit or importance and instead would let users pay for a blue checkmark. That obviously went (and still goes) badly. Meanwhile, Meta opened its own verification service earlier in the year, called Meta Verified.

Mostly aimed at “creators,” Meta Verified costs $15 a month and helps you “establish your account authenticity and help[s] your community know it’s the real us with a verified badge." It also gives you “proactive account protection” to help fight impersonation by (in part) requiring you to use two-factor authentication. You’ll also get direct account support “from a real person,” and exclusive features like stickers and stars.

Read more
Here’s how to delete your YouTube account on any device
How to delete your YouTube account

Wanting to get out of the YouTube business? If you want to delete your YouTube account, all you need to do is go to your YouTube Studio page, go to the Advanced Settings, and follow the section that will guide you to permanently delete your account. If you need help with these steps, or want to do so on a platform that isn't your computer, you can follow the steps below.

Note that the following steps will delete your YouTube channel, not your associated Google account.

Read more
How to download Instagram photos for free
Instagram app running on the Samsung Galaxy Z Flip 5.

Instagram is amazing, and many of us use it as a record of our lives — uploading the best bits of our trips, adventures, and notable moments. But sometimes you can lose the original files of those moments, leaving the Instagram copy as the only available one . While you may be happy to leave it up there, it's a lot more convenient to have another version of it downloaded onto your phone or computer. While downloading directly from Instagram can be tricky, there are ways around it. Here are a few easy ways to download Instagram photos.

Read more