Malware from the Kilim malware family is spamming Facebook timelines and news feeds across India.
Users are instructed to click a short link to watch a video, according to the Times of India. The link leads to a malicious site claiming to be an Amazon Web Services page but is actually a front used to identify what platform the victim is using and redirected them accordingly. Mobile users were directed to affiliated pages with advertisements while desktop users are asked to download a folder containing malware disguised as adult videos.
The file was actually a downloader worm in the form of Chrome extensions and additional binaries, the report said. Ultimately, the victim's entire Facebook timeline and inbox were spammed with porn. Thousands of users have been affected by the malware globally. The cybercrime unit in India has contacted Facebook's U.S. headquarters.