Skip to main content

A new Facebook virus has already infected 800,000 users – here’s what you need to know

facebook virus has already infected 800000 users fb header
Image used with permission by copyright holder

There’s a new password-swiping virus spreading on Facebook, and once again the malware preys on the social trust accrued by the network.

Over 800,000 people have already been affected by the virus, which looks like a video sent by a friend. Once someone clicks on it, they are routed to a website that tells them they need to download a plug-in to watch the video.

And if they download the plug-in is when trouble starts. The download gives the malware creators access to a user’s password, often for email as well as Facebook and Twitter. This gives the attacker the ability to pretend to be their victim, potentially wringing more personal information out of their accounts. This is how the virus spreads; since the attackers have access to the infected accounts, they use those handles to reach out to other victims, spreading the video.

Carlo de Micheli, one of the researchers, told the New York Times that instances of the attacks were growing rapidly, with 40,000 new cases an hour.

Google responded by disabling browser extensions that allowed the attack, which may seriously impede future growth. But while the attackers were primarily using the Google Chrome browser, De Michelli said that the attackers were adapting their malware program to get around defensive measures, and that they had already adapted it for Mozilla Firefox.

This latest attack is troubling because it shows a substantially more sophisticated understanding of how to take advantage of Facebook to spread spam than other attacks. Because this type of attack, where the user is prompted to download a plug-in, is not very well-known, even users who are generally savvy about viruses can get duped. This isn’t your typical weight loss link popping up, supposedly recommended by your friend. This looks like it’s a message directly to you.

As malware attackers continue to innovate ways to get at your personal information, it’s important to assume that anything sent to you may be spam. Look for signs that an email or Facebook message is actually addressed to you – for instance, if you got this newest virus sent to you, it wouldn’t be a personalized message, but just a link from your friend. Do your friends often send you links without any comments? If so, tell them next time to put a little personal remark next to the link so you know it’s not a virus. Facebook, Chrome, and Firefox need to take safety precautions to avoid this kind of thing happening, but users also need to stay smart about what they open and what they download.

Editors' Recommendations

Kate Knibbs
Former Digital Trends Contributor
Kate Knibbs is a writer from Chicago. She is very happy that her borderline-unhealthy Internet habits are rewarded with a…
WhatsApp now lets you send self-destructing voice messages
WhatsApp logo on a phone.

If you’re on WhatsApp and regularly make use of the view once feature for photo and video messages, then you might be interested to learn that the feature has now been expanded to voice messages.

WhatsApp’s view once feature does what it says, deleting a message after it’s been viewed a single time. It’s been available for photos and videos since 2021, but now you can also send voice messages that can only be played once before they, too, disappear from the app.

Read more
X rival Threads could be about to get millions of more users
Instagram Threads app.

Threads -- Meta’s rival to X, formerly Twitter -- has just launched in the European Union (EU), a market with nearly half a billion people.

The app launched in the U.S. to much fanfare in July, with Meta hoping to attract X users disillusioned with the turbulence on the platform since Elon Musk acquired it for $44 billion 14 months ago.

Read more
X (formerly Twitter) returns after global outage
A white X on a black background, which could be Twitter's new logo.

X, formerly known as Twitter, went down for about 90 minutes for users worldwide early on Thursday ET.

Anyone opening the social media app across all platforms was met with a blank timeline. On desktop, users saw a message that simply read, "Welcome to X," while on mobile the app showed suggestions for accounts to follow.

Read more