New Facebook Worm Spreads

When, oh when, will it be safe to view Internet porn?

All jokes aside, AVG Technologies reported a new worm targeting Facebook users. The worm spreads by putting an alluring picture of a woman on the profile pages belonging to people it infects. The picture will also appear in the person's News Feed.

If you click the picture, it takes you to a malicious site that will ask you to click on a picture if you "want 2 c something hot."

Unfortunately, all the user gets is a worm.

"This worm uses what is technically known as a CSRF (Cross-site Request Forgery, also called XSRF) attack," blogged Nick Fitzgerald, emerging threats researcher at AVG. "A sequence of iframes on the exploit page call a sequence of other pages and scripts, eventually resulting in a form submission to Facebook "as if" the victim had submitted a URL for a wall post and clicked on the "Share" button to confirm the post."

Once you are infected, your profile and status will be updated to show the scantily dressed vixen, and the saga continues. No word from AVG on whether this is in any way tied to Koobface, which continues to target Facebook and other social networks. As always, the advice is to be careful what you click.