Facebook is still the largest social networking service today, and so it is not surprising that it is targeted by all kinds of malicious threats. Some of the infections known for that include Ramnit banking Trojan, Kilim Facebook Worm, Facebook Friend Request Virus, and Facebook Child Porn Virus. While some infections are incredibly malicious and dangerous for the Facebook community, others are not as harmful, which makes them less noticeable. That, however, does not mean that they should be ignored. Faceliker Trojan is a relatively new infection, but it is already spreading at full force. In fact, McAfee malware researchers at securingtomorrow.mcafee.com have recently reported that this Trojan accounts for nearly 9% of 52 million new infections. Needless to say, Faceliker is a problem.
While Faceliker cannot put Facebook users at risk – by which we mean that it cannot download other infections, steal information, and do other things that malware is known for – it can exploit them to aid unknown third parties. The infection slithers in, hijacks the browser, and then intercepts the account to divert Facebook “likes” without the user’s knowledge. It is most likely that the infection would slither in if users were visiting malicious websites, which is why this must be avoided at all times. If Faceliker Trojan is activated, it will redirect “likes.” This means that when the user likes the content on Facebook, in reality, that “like” goes to something else. This ensures that unpopular content shows up on the feed. Needless to say, this is fraud, and, unfortunately, unsuspecting Facebook users are tricked into participating without their knowledge. While the victim might be unaware of this activity – unless they check their activity feed – their Facebook “Friends” see the content that is liked, which might trick them into interacting with it as well. Let’s say the Trojan diverts a “like” to a link representing an unreliable shopping site with an irresistible slogan. People who trust the opinion of the person liking this link could click it as well, and that is how they could be scammed by malicious parties.
The hijacking of the “likes” could also be used to promote fake news, and that is what McAfee research team confirms as well. Faceliker Trojan could easily manipulate the popularity of certain types of news articles, making them blow up as popular, attention-worth content. Of course, it is still most likely that the Trojan is used by parties working to advertise services and products. The developer of the infection is likely to be earning money for successfully promoting content that, generally, would be lost in the context of legitimate and reliable content. Overall, while the owner of the account used for fake “likes” is unlikely to be harmed, the users exposed to his content via Facebook feed could potentially be lured in by unreliable services and products. Unfortunately, these users could get themselves involved in scams, and they could be tricked into downloading malware or using bogus services.
It has been reported that Facebook has started to monitor the activity regarding “likes,” and if it is suspected that “likes” are artificial, manipulated by Faceliker Trojan, the user should be shown a message asking to confirm the action. If you come across a message like that, you need to go and check your activity feed immediately. If you find that you have reacted to content you are not familiar with at all, the chances are that your account has been corrupted. Without a doubt, malware requires removal immediately, and it is strongly recommended that legitimate anti-malware software is installed to keep malicious threats away. Even if you successfully remove Faceliker Trojan, you will remain vulnerable if you do not protect yourself reliably. After all, this is just one of the many infections that are likely to target social networking accounts to artificially promote third-party content.