Thousands of Facebook users hit by video attack, Sophos reports

Sophos Press Release

Following links to 'sexiest video ever' risks adware infection

IT security and data protection firm Sophos is warning Facebook users to be wary following a video attack on users this weekend designed to infect computers with adware. Thousands have been hit by the attack which posted a fake video to profiles claiming to be the "sexiest video ever".

The malicious posts, which seemingly came from users' friends on Facebook, read:

<name>, this is without doubt the sexiest video ever! :P :P :P

Candid Camera Prank [HQ] Length: 3:17

The messages were accompanied by what appeared to be a movie thumbnail of a woman on an exercise bicycle wearing a short skirt.

Fake Candid camera prank video on Facebook

However, Sophos experts warn that clicking on the movie's thumbnail doesn't play a video, but takes victims to a Facebook application that tells them they don't have the right player software installed, and tries to trick them into installing revenue-generating adware.

"You may want to watch a sexy video, but you're more likely to end up being plagued by pop-up advertising," warned Graham Cluley, senior technology consultant at Sophos. "Not only is adware being installed on your computer, but the rogue Facebook application is posting the same message to all of your friends' accounts. It's no surprise that your friends might click to watch the movie when it looks to all intents and purposes that you are the person who has sent it to them."

Facebook users hit by the attack are advised not to click on the links or allow the Facebook application to run.

"If you fell victim to this attack, scan your computer with up-to-date anti-virus software, change your passwords, and review your Facebook application settings and remove whatever application was installed during this attack," continued Cluley. "70% more Facebook users are reporting being attacked by malware via the site in the last year, and the problem only seems to be getting worse. Social networking users need to learn not to fall for simple but effective social engineering tricks like this in future."

More information about the attack can be found on Graham Cluley's blog.

More than 100 million users in 150 countries rely on Sophos’ complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos’ award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at