In this post, we are going to analyze some of the most widespread malicious software on Facebook and learn how to remove it. These applications can reach us through our friends’ walls, messages from acquaintances or strangers, or by seeing them recommended on some website or blog.
By clicking on one of these links, these applications are sent to all our contacts. Sometimes they ask for authorization before doing so, although sometimes this forwarding happens without the user being aware of it. In this way, these applications achieve rapid spread, similar to that of a computer virus.
But before learning how to remove these applications from our computer, let’s look at some typical examples that are commonly seen on Facebook.
Examples of Malware on Facebook
If you use Facebook, you have probably received (a lot of) invitations to the “Mi Calendario” (My Calendar), “Mi cumpleaños” (My Birthday), or some other of the many similar applications. The first thing that should make us suspicious about these applications is that Facebook natively provides event calendar and birthday functions. So, why do you need an application for this? However, many (but many, eh!) people have authorized this application, meaning it potentially has access to all their private data. Curious.
Another typical example of dishonest applications are those that claim to provide you with special functionalities. For example, showing who has viewed your profile recently, changing Facebook’s color, helping you delete your entire timeline, or getting someone’s password. Don’t overthink it, these functions do not exist. They are scams and frauds; nothing good can come from them.
Another common case is someone sending us a message or posting on our wall, a video like “Watch this and tell me what you think”, “Have you seen you’re in a video?”. It is insinuated that someone has posted compromising images or videos of us, or that someone is criticizing or slandering us. Logically, we innocently (or not so innocently… but what kind of videos do you guys record?!) will go see what is being said about us.
It is also common to get infected with malicious software if you try to watch an “amazing video”. These videos often use an image with some sexual content, not explicit to avoid being reported, but it is insinuated that the video content could be erotic. That, logically, brings a large number of views by taking advantage of people’s intrinsic curiosity.
However, the content of these “amazing videos” can also simply be humor or curiosity content, which tries to grab the user’s attention. Any system is valid when trying to deceive the user and get that coveted “click”.
Finally, I present a more subtle case, less obvious than the previous ones, and one in which I have seen a lot of people fall. This time, it presents a real news story or video hosted on a genuine news page, such as Yahoo or YouTube. However, when clicking the link, we are asked for permission before continuing. By accepting, we are taken to the real news, so it is easy to overlook that in the middle we have authorized a third-party application to have access to our account.
What Do These Programs Do?
What is the function of these programs? What are they looking for, besides spreading and trying to reach as many users as possible through deception? For example, the other day I saw a poster like the following circulating, warning about the dangers of these programs.
Well, the first thing is to stay calm. These applications can hardly be considered a virus and, in any case, certainly not a dangerous one. It is difficult for a program to be classified as a “very aggressive virus” when it needs user authorization to act or spread (sometimes, several authorizations).
Fortunately for you, your private data is important, almost exclusively, to you alone. None of the developers of this malware care in the slightest about what you post on your wall, what you like or dislike, what you comment on your friends’ walls, or any of your private data. Not even your photos at the beach, no matter how “super cute” you looked posing with your friends. Accept it, that’s how it is. Your private data isn’t even useful for obtaining statistics; there are easier and cheaper ways to get them.
So, what function are these programs looking for? Well, as always, to make money. And how can these programs convert thousands of “infected” computers into money? Well, through two ways.
One obvious way is, in the links that redirect you to a Facebook page or group, to provide visits to a page. This page can belong to the application developer, or they sell their services on the Internet, promising to increase the number of visits to your page for a certain amount of money. The page will increase its number of followers and visits and, ultimately, will obtain higher advertising revenue.
On the other hand, although it may sound strange, on certain websites Facebook “likes” are sold. It may seem weird, but it is a common practice in certain companies that decide to buy “likes” to give the impression that their brand is more important. In this way, by clicking on one of these programs, you may “like” or even follow people without even realizing it.
In any case, the truth is that these are programs that are doing things they are not supposed to be doing. Therefore, it is malware, which spreads through the clicks of trusting users (what is called click-jacking) and it is necessary to remove it from our system.
In the next post (available here) we will see how to remove these applications from Facebook.
