Facebook Users Duped Into Downloading Malware by Fan Check Virus Hoax

Mon, Sep 14, 2009, by GailSeymour


In a vicious twist, "malicious developers" recently preyed on Facebook users' fear of computer viruses to herd unsuspecting users to infected sites. They managed to do this by poisoning Google search results in a black hat SEO operation. The Facebook application in question, Fan Check, has since been defended by its developer Janakan Arulkumarasan and declared clean by Facebook. But not before the damage was done.

The Fan Check application has been dogged by problems. Initially called the “stalker check,” it had to be renamed after Facebook took exception to the word stalker. Then the rumours started and spread virally throughout Facebook’s network. Meanwhile, heavy use of the application created bandwidth issues for the developer, and the app was temporarily withdrawn while Flash elements were converted to HTML to streamline the app.

During this downtime, the search results were poisoned, and those searching for the term “Fan Check App Virus” were diverted to sites that purported to expose the virus but secretly downloaded malicious code onto the unsuspecting searcher’s computer.

The app has now been declared clean by Facebook, and relaunched minus bandwidth issues and with a clearer definition of what it does and doesn’t do. Apparently the original description led many to believe the app breached Facebook’s rules by monitoring “silent” visits to other users’ profiles. In fact, it merely produces stats on interactions between users, such as commenting on each other’s status or leaving wall messages.

The malicious sites, however, were displaying false warnings about the app, and encouraging users to download malware disguised as antivirus software, and collecting credit card details into the bargain.

Whilst virus hoaxes are no new phenomenon, and neither is malware masquerading as antivirus software, adding a social networking site into the mix gave devastating speed to this particular situation. Millions of users deleted the app in hours. Thousands of computers were infected, all before the hoax could be exposed as just that.

It’s all too easy to trot out the same old advice: check your facts before forwarding these warnings. But in this case, it was the users who attempted to check the facts who ended up with infected computers. And who doesn’t want to warn all their friends of the possibility of a virus? So what do you do when you receive one of these warnings?

Check the facts. But check with a reputable antivirus software company, rather than simply following the first result in a Google search. By all means avoid the app or program in question until the truth is clear, but hold off on the panic button.
