Posted by Virus Bulletin on Jun 1, 2011
Attack targeting Windows and Mac users in US and UK.
A Facebook scam that is doing the rounds at the moment - claiming to contain a 'freaky video' related to the ongoing case concerning former IMF-boss Dominique Strauss-Kahn - is linking to malware.
Like many scams, it spreads via Facebook's 'like' feature and is operated by rogue CPA (cost per action) affiliates. Unlike most scams, however, it does not send the user to deceptive ads but instead sends them to a Lithuanian server that infects them with malware.
As has become common recently, the kind of malware the user is infected with depends on the operating system they use: Mac users see Mac-targeted scareware, while Windows users get infected with Windows malware.
As well as being OS-aware, the attack is also location-aware: users who are not in the US or the UK do not get infected but get sent to YouTube instead.