March 11, 2010

Quarter Million Malicious Facebook Posts


A word of caution to Facebook users: be careful when clicking links on Facebook, even if they're on your friend's page or your favorite superstar's page.

We have detected a malicious campaign that is quickly spreading on Facebook. The malware has very low anti-virus coverage and can be found on prominent Facebook pages such as ones belonging Justin Timberlake (2.1 million fans) and a few others. If you use Facebook and are worried about this, we have a Facebook app that solves this problem (read on). If you are a customer, yes - we stop this at the gateway in real-time.

To get an idea of how fast this link is being shared on Facebook (measured in seconds!), here's a video: 

This is what the malicious campaign looks like (WARNING: Do *not* attempt to go to the link - your computer may get infected): 

Facebook Spam 

The malicious link isn't spreading through high profile names only, but also "long tail" relatively popular Facebook pages.


Virustotal shows a < 15% anti-virus detection rate.


We also detected that this campaign is also spreading on Twitter: 


Websense customers who click this link are protected from it: 

security risk

If you're using Websense Defensio Facebook app , you are notified via email when someone posts something malicious on your Facebook page: 



Forcepoint-authored blog posts are based on discussions with customers and additional research by our content teams.

Read more articles by Forcepoint

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.