At first, it was November 5. The day we all expected doom to strike the most popular social network of all. As our hopes for the best were confirmed and the social network survived, some voices called this warning a hoax while others claimed the attack actually failed.
On November 11, as we reported here, a new piece of info was released as to the weapon to be used in the attack: the Fawkes virus. At the time, the organization said this â€œhighly sophisticated worm, with advanced network self-replication and remote abilitiesâ€ would help the movement fight corruption and serve as â€œ[â€¦] an alternative attack toward groups who take on Anonymousâ€.
November 12, online socialitesâ€™ hearts skipped a beat once again as Bitdefender Safego identified a piece of malware that appeared to fit this description. The race toward the discovery of â€œthe ultimate weapon in the battle against other groups or individuals undermining [Anonymous]â€™ interestsâ€ seemed to be over. And yetâ€¦
A recent wave of Facebook scams propagating through X-rated baits pumped a new dose of adrenaline into the system and voices rose to defend the thesis that this INDEED is Anonymous at work. We took a different path to the decryption of this mystery and put the pornographic scam flood on Facebook down to cybercriminalsâ€™ preparation for Black Friday. The fact that it resembled other Facebook scam outbreaks and that some of the URLs used to spread this kind of worm contained a domain name related to the idea of shopping (Â laptop-rental-store.info ) supported our hypothesis. Plus, as stated then, we expected the Fawkes virus to rely on more complex mechanisms.
A recent Facebook statement shed some light on the matter of this red light tsunami (i.e. the blameâ€™sÂ on a â€œself-XSS vulnerabilityâ€) and it brought back to mind a warning long forgotten (at least apparently): copy-pasted coded strangers donâ€™t do any good to your social network account.
It appears that weâ€™re back to square one in this puzzling quest for the Fawkes virus. In a video released yesterday by Anonymous, the Fawkes virus threat is renewed.
â€œThe Fawkes virus is here,â€ according to the video. â€œIts beta testing has completed and itâ€™s now a fully armed and operational piece of weaponry. It has already been released on Facebook and will be released on other social networking sites very soon.â€ There was no fail, there was no hoax, it said. All of this time was necessary for due preparations. â€œThe 5th of November was just the beginningâ€, the video warns.
The Fawkes watch continues.
This article is based on the technical information provided courtesy of George Petre, Bitdefender Senior Social Media Security Researcher
All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.