If you get a posting on your Facebook wall saying something like “this is without doubt the sexiest video ever! :P”, which might be accompanied by a video titled “Candid Camera Prank”, DON’T click on the video: it’s a lead-in to malware.
If you click on the link it will take you to what looks like a Facebook application, which then tells you that your video player is out of date and encourages you to download a file.
If you do what it asks, then the same “video” plus link gets posted using your profile photo to all your friends on Facebook, meaning it is spreading virally.
The file seems to install a piece of adware called Hotbar, which thus generates revenue for the malware writer. (About Hotbar: “displays a dynamic toolbar and targeted pop-up ads based on its monitoring of Web-browsing activity. The toolbar appears in Internet Explorer and Windows Explorer. The toolbar contains buttons that can change depending on the current Web page and keywords on the page. Clicking a button on the toolbar may open an advertiser Web site or paid search site. Hotbar also installs graphical skins for Internet Explorer, Outlook, and Outlook Express. Hotbar may collect user-related information and may silently download and run updates or other code from its servers.”)
via guardian.co.uk