Published: 08.Sep.2009, 20:21 | Views: 248

Ok, so this new Facebook Fan Check Virus hype is out. What's this all about you may wonder. And, as I suspected from the second I saw it, it turns out to be a hoax. Apparently, someone, at some point, possibly a group of people, started this hype. Status messages started popping up all of the sudden, claiming that Fan Check application is actually planting a virus on your computer. Following the rules of human psichology, a decent percentage of people will actually believe in mentioned status. So, let's asy you have 200 friends, approximately 10 or 20 will believe unconditionaly, and possibly another 10% or 20% will doubt, but put the warning on their status as well... So, we have about 30-40% of your friends spreading this fear. And then it progresses from there...

By some weird set of circumstances, Facebook had a minor problem with timelines on peoples' walls, displaying rather old information. Now, playing with Squid proxy server for work, I had it installed and first thought it was something caused by my proxy server. Let me mention that I haven't installed Fan Check application up to that point - ever. So, I turn off my proxy server, and the timeline bug still occurs. So, Squid is working fine. The bug occurs not the first time you open the page, but only upon reloading a page; old info will be put on your wall. I then started seeing those status messages, claiming that Fan Check is actually a virus. Well, first indication this is a hoax is, well, I had the problem BEFORE adding the Fan Check application. Second, I use Linux, and I doubt they would bother with making some special virus that infects Windows, Linux, and possibly Mac. So, wanting to check, I add that Fan Check application, it does it's work, I see the results, and I remove it. ClamAV says nothing, and everything works as it was supposed to. Timeline is still a bit screwed, but works just like before adding Fan Check. So, I just ignore those status messages, but they just keep popping up. So, wanting to try again, I go to the Fan Check page, just to see it's upgrading or something. This is what actually boosted peoples' fears. I suppose this is what went on in most peoples' heads:

1. Information starts appearing that Fan Check is a virus.
2. Timeline on users walls on facebook gets buggy
3. Suddenly Fan Check application stops working, claiming it's upgrading.
4. Googling for info on "Facebook Fan Check Virus" starts showing results

Conclusion: It must be true.

By the time of me writing this, it seems to me that Facebook has repaired this bug, as I'm not seeing it anymore. Anyway, it was this weird set of circumstances that reinforced the fear in Facebook users, that this Fan Check application was malicious. Now, I'm not saying it is, and I'm not saying it isn't - I just don't know, and frankly, don't plan to investigate it. Graham Cluley of Sophos, claims on his blog that they haven't been able to confirm that Fan Check application is malicious. However, there are a ton of sites, pretending to have information on this virus. It is actually THIS action, going to some site, following the false trail of helpfull information, that infects peoples' computers, ranging from sites pretending to have free tools to clean this virus, to those requiring payment to download cleanup tools. All of these either give you totally useless software, or, in the worst case, give you ACTUAL malicious software. So, my advice would be: STAY AWAY FROM SITES CLAIMING TO HAVE A CURE FOR FACEBOOK VIRUS.
Furthermore, DO NOT SEARCH FOR ANYTHING RELATED TO "FACEBOOK FAN CHECK VIRUS"

If you are worried that something fishy is going on, try to search for the given problem on some of the major anti-virus companies, like Sophos, Symantec, or Kaspersky. If they don't have any kind of a warning, then 90% chance is that there is no virus loose on Facebook.

Some of the people started spreading a rumor that Fan Check application steals and changes your facebook account password. Let me just say that it's very, very, VERY difficult to perform. Our passwords are stored in a database, protected by a certain password. Facebook applications don't have direct access to the database, and hence, can't access your password. In order to change your password, the application must know your current password, and then, using some very clever engineering, fool Facebook that their script is actually a living person, log into your account, and change your password. And by doing that, the "hacker" did what exactly? he can't sell your account, most likely you don't have that much sensitive information on your profile, so what's the gain? Where is their profit in that? You're right - there is none. And let's face it, main goal of all malicious software out there is some sort of profit.

So be calm, don't overreact on Facebook hypes (or MySpace for that matter), and actively use your brain before you do anything that can put your computer at risk. Always think before you leap.