Yes, the kittens are cute and who wouldn’t want to see another photo of the latest celebrity embarrassing themselves? But can we all just agree that as cool as the latest trending video is on Facebook, it’s probably not worth getting infected over? We’re sure you’ve heard about the malware infecting 110,000 Facebook users. Yes, it’s porn. Yes, at least 20 of your friends will be tagged when the malware takes over your computer, showing everyone on your feed that you viewed a video you might not want grandma or the PTA to know you watched. But the next malware video could be cute puppies, so let’s nip this in the bud!
The really interesting thing to us is that it is a new twist on an old scam: upgrade your Flash player. We’d be willing to bet that not too many infosec folks are falling for this one as it is a rather oldie-but-goodie attack vector. Instead it’s our friends, family members, acquaintances, and that guy you bought coffee from this morning who are out of the loop because we haven’t been griping about this type of attack lately.
Why is this blast-from-the-past getting such great traction on Facebook? Think of it as playing on the notion of tribe mentality. Facebook creates your online tribe. When you see that someone else in your group has gone to the effort to “tag” you in a post and recommended a video for you to watch, you feel compelled to watch it. If one little click on “update now” is all that it takes for you to continue to be a part of that group, well, social psychology says a lot of people are going to take that small step. We’re human, and that means we are influenced by our social interactions. Even though the malware video trolling Facebook doesn’t look like something that would interest you, social proof kicks in and you go with the crowd in an ambiguous situation.
So spread the word! Shout it out to the PTA! Preach it to grandma! Share the love and inform the masses to practice safe Internet-ing! And let that guy you bought coffee from know that friends don’t let friends upgrade Flash player when prompted to by a video. Who knows, he might be grateful enough to sneak a muffin in there, too.
Sources:
https://threatpost.com/facebook-malware-poses-as-flash-update-infects-110k-users/110775/
https://www.itpro.co.uk/malware/23963/porn-video-malware-infects-110000-facebook-users
https://www.social-engineer.org/newsletter/social-engineer-newsletter-volume-4-issue-49/
https://www.social-engineer.org/framework/influencing-others/influence-tactics/social-proof/
3 Comments
I’m left wondering what the success rate of a well-timed campaign purporting to prevent an actual (ongoing) attack such as the one described would be.
Using the last paragraph as a starting point, it certainly sounds like the attack could be amplified — especially when the content is made to look official.
(e.g. here’s a Facebook instructional video on how to protect against recently reported malware infections)
Sometimes we see many websites have some caption like “Update your flash player”. Better not to deal with that. If you feel that you need an update, then update it from the control panel.
Has there been any evidence to suggest the impact it has upon mobile users? Or is this mainly a hack for desktop users? It would just be interesting to know, seeing as I imagine there is now a higher proportion of users that use Facebook from a mobile as opposed to a desktop.