[Warning] Latest Facebook Malware Link – “r0ller c0aster”

Shocker.  The ‘0rgasm’ post on Facebook leads to a virus (Trojan).  Funny enough, it hasn’t been men that have been clicking on the link in the feed.  🙂

Here’s what the latest scam/virus/fake link looks like…

Facebook malware virus trojan scam social engineering

They’re trying to circumvent Facebook’s detection algorithm by tossing in zeros (0) for the O’s…

Trying to trick Facebook's algorithms

I don’t really feel too bad for those who clicked this (come on, isn’t this one just obvious?), but we still have to bring it to everyone’s attention.  The very nature of Facebook’s “social – proof” feedback leads to people almost unconsciously clicking random links in the Facebook feed.  “Oh, I bet this is funny, it can’t be too bad.”  All it takes is one click and your system is infected.

Well, this one is a Javascript loader that pushes a Trojan onto your PC…

ESET Nod32 Blocks Javascript Loader Trojan

If you clicked the ‘r0ller c0aster’ link in the Facebook Feed and you didn’t see a notification from your antivirus software instantly, then you are infected, 100%, no doubt.  You should be running ESET Nod32.  What if an employee clicked on that link while at your store?  Your consignment software would be rendered useless until the infection was removed.  How many minutes can you go without your systems?  How many hours?  What if your backups stopped working two days ago, but you didn’t know?  Now your systems are down and you might’ve lost the last few days’ worth of data.  See how quickly one little *click* could turn into a disaster?

The interesting thing is, ESET’s database knew about this threat and Facebook didn’t.  Now, Facebook isn’t security software (not primarily), but it does perform security tasks.  They do parse new posts for known-bad URLs and will either toss up a CAPTCHA or if it’s a known-threat (according to Facebook, that is), then they’ll block the post altogether.  Maybe Facebook could/will eventually get to the point where they utilize a global threat database.

This is one of the topics we’ll be discussing this Saturday at the 2011 NARTS Conference in Dallas, TX.  There is no silver bullet.  Sure, this is technology and security programs exist, but social engineering and people trying to scam you isn’t unique to technology.  We’ll continue to show the types of posts used to dupe you into installing malware.  Just stop and look at the URL before you click.  Make sure it’s a trusted URL.  And no matter what, just start using ESET Nod32, please?  How many times are you going to see someone get infected or you yourself, end up with an infected system?

I am a Software Developer, System Administrator, and consignment software specialist. I currently manage hundreds of consignment workstations, point of sale systems, and database servers all across North America and I am the developer of Peeps' Software, Peeps2Go, and Peeps' Consignor Login for iOS and Android. I've been helping consignment & resale store-owners since 2003. I started The Computer Peeps in February of 2010. Peeps' Software launched in 2016 and is now on hundreds of systems all across North America. I have successfully converted dozens of stores from all of the major consignment software systems. After 20 years of working with consignment stores, I understand the unique challenges consignment & resale store-owners face. From electrical issues in old buildings or strip malls, to advocating for them when their old consignment software keeps crashing.

Leave a Comment

Your email address will not be published. Required fields are marked *

*
*

Back To Top