14 DAY TRIAL // A Danish security company called CSIS stumbled upon a worm that spreads from one Facebook customer to all the ones found in his contact list.
GFI reports that the worm relies on stolen Facebook account credentials to spam all the friends of the victim by advertising a link that allegedly points to a jpeg image file.
In reality, once the link is clicked, the user is served a malicious screensaver that among other elements, drops the infamous account-stealing ZeuS Trojan.
The interesting thing about this worm is that it has an anti-virtual-machine capability which prevents researchers from executing and testing it in virtual environments.
Internet users are advised to stay clear of all advertisements that point to shady locations and if they’re served a suspicious executable file, it should be immediately deleted.