Facebook Valentine’s Day theme is actually Malware

Posted on February 9th, 2012. Written by Rico.

Computer security firm Trend Micro reported last week that Facebook posts announcing a new “Valentines [sic] theme” are designed to trick unsuspecting (and lovestruck?) users into installing malicious software on their computer.

Those who click on the link attached to these posts are led to another page designed to look like a valid part of Facebook, but is in no way connected to the social network. It claims that Facebook is introducing theme functionality, and to avail, users should click on the Install button. There’s even a fake message claiming that a certain number of the visitor’s Facebook friends already use the new “feature”.

Clicking on the install button downloads the browser add-on file “FacebookChrome.crx”, named “”Facebook Improvement|Facebook.com”. It contains a Trojan labeled TROJ_FOOKBACE.A by Trend Micro.

According to the security firm, TROJ_FOOKBACE tracks users’ surfing activities, displays “ads from certain websites”, and redirects users to “a survey page asking them for their mobile number”.

Installing FacebookChrome.crx also “automatically likes several Facebook pages” and “posts a message on the affected user’s wall.”

It’s worth noting that only Google Chrome and Mozilla Firefox users are asked to download the Trojan. Those who click on a Valentine’s Day theme Facebook post on Internet Explorer are just redirected to the survey page.

Complete details are available on Trend Micro’s blog. You’ve been warned, dear readers!