Facebook users warned of sexy 'Candid Camera Prank' attack

Facebook prank app tries to trick users into installing Hotbar adware, Sophos says

Security firms are warning Facebook users to beware of what's being called the "Candid Camera Prank" attack recently spotted on Facebook that tries to use the lure of a sexy video of a scantily clad woman on a bicycle to download a video player that's actually Hotbar adware, and maybe worse.

FBI details most difficult Internet scams

Websense and Sophos are among the security firms pointing out the dangers of the "sexiest video ever" trick, posted automatically on users' profile pages, that shows a message posted on the walls of Facebook users, seemingly by their friends, of a movie thumbnail of a woman on a bicycle wearing a short skirt in a video entitled "Candid Camera Prank."

Sophos researcher Graham Cluley, who blogged about the attack, writes, "If you click on the thumbnail, you don't view a video at all but instead are taken to a Facebook application," which tries to get each victim to download a video player that's actually an application that will install the Hotbar adware "to generate revenue for the bad guys." Thousands of Facebook users appear to have been fooled by the Candid Camera prank video lure.

The Sophos blog includes a displayed video that demonstrates the attack in action, courtesy of Websense Security Labs researcher Patrik Runald, which captured it in attack mode. When Facebook users fall victim to the attack, the malware automatically spreads the "video" message to your pals, Cluley says. Sophos recommends running up-to-date antivirus software in the event this social-engineering trick succeeds.

Learn more about this topic

Sophos blog on "candid camera prank" attack on Facebook 

Sophos warns of fake iTunes certificate

Worst phishing menace may be making worse version of itself
Must read: 11 hidden tips and tweaks for Windows 10
View Comments
Join the discussion
Be the first to comment on this article. Our Commenting Policies