Techno Kyle

Renowned antivirus company AVG posted a blog post about a facebook worm lurking to some of the wall post luring unsuspecting users to click a picture of a girl attracting you to click a button. And onced click infection starts again in your account by automatically posting a link similar to the one you click before.

Here’s a good definition on what the worm does, courtesy of AVG BLOG

For those unfamiliar with Facebook (is there anyone other than me in that set?) the thumbnail of the worm’s infective page is a link to the page. The worm’s objective, of course, is that others viewing the victim’s wall will click the link, and as they are logged into Facebook, the worm will propagate its link to that victim’s wall, and so on…

This worm uses what is technically known as a CSRF (Cross-site Request Forgery, also called XSRF) attack. A sequence of iframes on the exploit page call a sequence of other pages and scripts, eventually resulting in a form submission to Facebook “as if” the victim had submitted a URL for a wall post and clicked on the “Share” button to confirm the post.

Anyway if you’ve been lured there’s nothing to be worried of. It’s not a desctructive worm in which it can delete an account, It just spam some sexy messages but still it’s better not to click the button.