Facebook malware
The social media platform and social networking service Facebook has been affected multiple times over its history by intentionally harmful software. Known as malware, these pose particular challenges both to users of the platform as well as to the personnel of the tech-company itself. Fighting the entities that create these is a topic of ongoing malware analysis.
Types of malware and notable incidents
Attacks known as phishing, in which an attacker pretends to be some trustworthy entity in order to solicit private information, have increased exponentially in the 2010s and posed frustrating challenges. For Facebook in particular, tricks involving URLs are common; attackers will maliciously use a similar website such asIn terms of applications, Facebook has also been visually copied by phishing attackers, who aim to confuse individuals into thinking that something else is the legitimate Facebook log-in screen.
In 2013, a variant of the "Dorkbot" malware caused alarm after spreading through Facebook's internal chat service. With suspected efforts by cybercriminals to harvest users' passwords affecting individuals from nations such as Germany, India, Portugal, and the United Kingdom. The antivirus organization Bitdefender discovered several thousand malicious links taking place in a twenty-four hour period, and contacted the Facebook administration about the problem. While the infection was contained, its unusual nature sparked interest given that the attackers exploited a flaw in the file-sharing site MediaFire to proliferate phony applications among victims' Facebook friends.
The real computer worm "Koobface", which surfaced in 2008 via messages sent through both Facebook and MySpace, later became subject to inflated, grandiose claims about its effects and spread to the point of being an internet hoax. Later commentary claimed a link between the malware and messages about the Barack Obama administration that never actually existed. David Mikkelson of Snopes.com discussed the matter in a fact-checking article.
On 26 July 2022, researchers at WithSecure discovered a cybercriminal operation that was targeting digital marketing and human resources professionals in an effort to hijack Facebook Business accounts using data-stealing malware. They dubbed the campaign as 'Ducktail' and found evidence to suggest that a Vietnamese threat actor has been developing and distributing the malware with motives appeared to be purely financially driven.