Facebook Scam Promising Naked Videos Infects Millions

(Image credit: An example bogus YouTube page, with nary a naked friend to be found. Credit: Bitdefender)

Who doesn't want to see naked videos of his or her Facebook friends? That's the premise of a new malware-distribution scam that has infected 2 million people, according to Romanian anti-malware company Bitdefender.

The scam, which spreads a piece of malware called Trojan.FakeFlash.A, first appears as an advertisement on Facebook pages with a title such as "[Friend's name]'s private video" or "[friend's name]'s naked video." You'll also see a picture of that friend, drawn from your friend's Facebook photos, in the ad.

MORE: 7 Ways to Lock Down Your Online Privacy

Clicking on the link leads you to a fake YouTube page so realistic that it even has an age gate, which claims the video's content is restricted due to YouTube's community guidelines. The age gate is easy to bypass, but once you get to the actual video, the page will claim Adobe Flash Player has crashed and you need to install an update.

Needless to say, you shouldn't install that fake Flash Player update. But it may be too late, because the malicious YouTube page will attempt to infect your browser with a drive-by download as soon as you land on it.

The downloaded Trojan installs itself as a browser extension, accesses your own Facebook photos and then repeats the infection process by promising your Facebook friends more naked videos -- this time, of you.

Good anti-virus software will block the drive-by download, but you might still be tricked into clicking the "Update Flash Player" button on the fraudulent YouTube player, which also triggers the infection.

This naughty Trojan has appeared in the wild only recently, but it's already hit several countries, including the United States, says Bitdefender.

Attacks based on fraudulent Flash Player installers have been around for years. This one is spreading particularly rapidly, thanks to its ability to install itself in multiple ways.

If you don't want this scam to catch you with your pants down, install robust anti-virus software that protects your browser from drive-by downloads. And never, ever click on a broken video clip that offers an Adobe Flash Player update. Instead, go straight to the Adobe site at http://get.adobe.com/flashplayer/.

Email jscharr@techmedianetwork.com or follow her @JillScharr and Google+. Follow us @TomsGuide, on Facebook and on Google+.

See more Computing News

TOPICS

Jill Scharr is a creative writer and narrative designer in the videogame industry. She's currently Project Lead Writer at the games studio Harebrained Schemes, and has also worked at Bungie. Prior to that she worked as a Staff Writer for Tom's Guide, covering video games, online security, 3D printing and tech innovation among many subjects.

Latest in Online Security

23andMe has declared bankruptcy — here's how to delete your data now

Valve just pulled a malicious game demo spreading info-stealing malware from Steam

A man filing his taxes electronically on a laptop

AI-powered tax scams are here - how to stay safe from deepfakes, phishing and more this tax season

New Mac attack is tricking users into thinking their computer is locked — how to stay safe

Hacker using a stolen social security card

Your Social Security number is a literal gold mine for scammers and identity thieves — here’s how to keep it safe

Half a million teachers hit in major data breach with SSNs, financial data and more exposed — what to do now

Latest in News

Apple Watch Ultra 3 just tipped for two major upgrades

NYT Connections today hints and answers — Tuesday, March 25 (#653)

A first look at Amazon's Fallout TV series coming to Prime Video

‘Fallout’ season 3 plans are reportedly being made — while season 2 is still filming

Amazon just gave Surface Laptop 7 a 'frequently returned' label — here's what's going on

iOS 18.4 beta brings 8 new emoji to your iPhone — here's all the new options

23andMe has declared bankruptcy — here's how to delete your data now

More about online security

23andMe has declared bankruptcy — here's how to delete your data now

AI-powered tax scams are here - how to stay safe from deepfakes, phishing and more this tax season

Woman has taped her mouth shut with a blue I shaped mouth tape

I tried the viral I-shaped mouth tape to improve my sleep and I'll never wear it again — here's why

See more latest

12 Comments Comment from the forums

das_stig

If your stupid enough to click on a link offering these on Facebook, I have no sympathy for what infects your PC and deserve everything you get !
Reply
mgilbert

Oops... that you have a life...
Reply
agentbb007

LOL have to give credit to the hackers on this one that is a good one. And I have no sympathy for the pervs clicking on this link :)
Reply
gigantor21

I'm not sure if I'm more depressed by the victim's stupidity or disturbed by their viewing habits.
Reply
TechieNewbie

Somewhere there's a lot of sad pervy dude-bros that can't internet.
Reply
englandr753

So that means that 2 out of 3 people you encounter on a daily basis is a facebook perv. Not surprising...
Reply
englandr753

Now they just need to upload the data to all facebook users of who tried to see them naked. Thatd make my day.
Reply
house70

Oh, the mirage of free pr0n.....LOL
Reply
belardo

So if you want to see your mom naked... you deserve the infection.
Reply
curiosul

Now they just need to upload the data to all facebook users of who tried to see them naked. Thatd make my day.
you mean 100% of men and 98% of women?
Reply

Show more comments

Sign up to get the BEST of Tom's Guide direct to your inbox.