How to avoid the latest Facebook threat: New 'Magnet' Trojan attack targets users through porn

More than 110,000 Facebook users have fallen victim to a Trojan in two days, and that number is rising. Here's how to avoid the latest Facebook threat.

On Thursday the Full Disclosure mailing list reported that a Trojan was propagating through Facebook, and had already infected 110,000 users in just two days. 

It said that the Trojan was spreading itself through infected user accounts by posting a porn video on their behalf and tagging up to 20 of their friends.  

This new approach to circulating malware on Facebook works faster than previous Trojans, which typically send private messages containing dodgy URLs, since it has increased visibility. Not only will the tagged friends see the post, but many of their friends will also see it and may be tempted to click. Full Disclosure refers to this as a 'Magnet' attack.

Should anyone click the video to play it, they are asked to download a Flash player to continue watching the video. In fact they will download a keylogger that can track their keyboard and mouse movements, and continue to spread itself through their friends list. 

According to Full Disclosure, the malware drops the chromium.exe executable, which is otherwise known as bon joueur and is a generic dropper that installs various malware on the system. Once installed, the Trojan communicates through filmver.com and pornokan.com.

How to avoid the Facebook porn scam 

Facebook is aware of and working to stop the malware spreading, according to ThreatPost. It told the site: “We use a number of automated systems to identify potentially harmful links and stop them from spreading. In this case, we’re aware of these malware varieties, which are typically hosted as browser extensions and distributed using links on social media sites. We are blocking links to these scams, offering cleanup options, and pursuing additional measures to ensure that people continue to have a safe experience on Facebook.” 

In the meantime, you can avoid the Trojan quite simply by being aware of it. Even if you are not willing to stop clicking on raunchy videos altogether, be wary of those that ask you to download additional files.

Rather than accepting the request to download, in this case Flash Player, you can check you have the latest version by visiting the software vendor's website. To update Flash now just head to get.adobe.com/flashplayer.

You should also keep your PC or laptop protected using antivirus software, and ensure it's always up to date.

Follow Marie Brewis on Twitter.