The discovered worm closely resembles the virus described by the hackers

Nov 14, 2011 12:38 GMT
We'll soon find out if Backdoor-Bifrose-AAJX is the worm created by Anonymous programmers

Researchers from Bitdefender stumbled upon what they believed to be the Fawkes Virus advertised by Anonymous not long ago in a YouTube video.

Not long after the video announcement went online, experts from the security company came across a Facebook scam that promised a “New Facebook Video Chat with Voice Features” and came with an Arabic description.

The links from the advertisement led to a file called scan_facebook.zip. The innocent-looking archive actually contained a variant of the malicious software detected by Bitdefender back in July as Backdoor-Bifrose-AAJX.

This seems to be the famous virus, since it comes via Facebook and behaves almost exactly as described in the clip.

“[It] injects itself in IE process, provides a remote attacker unhindered access to the compromised system, records keystrokes and kills several processes of known AntiMalware solutions, if installed on the computer,” the researchers reveal.

Even though the piece of malware doesn't have a self-replication component, it seems to request a connection to a remote server located in Egypt, a fact not mentioned in the announcement.

A cleverly designed worm can easily infect the devices of many social network customers, especially those who don't have an appropriate security product installed on their devices.

Since this threat maintains a low profile and since it's nowhere close to the intensity described by Anonymous, there are two main plausible scenarios.

Either the virus exists on the social network but it doesn't spread quite like they claimed, or the whole thing is made up and there's no actual worm.

The security experts will keep a close eye on this threat to see how it spreads and how it acts, so we'll probably soon know whether the infamous hacker collective is behind it or not. In the meantime, make sure your virus definition database is up to date and steer clear of anything that looks suspicious on Facebook.