Issue 166 - November, 2013 (2nd Edition) - Page 46
Giraffe Profile Picture Virus Hoax
Message circulating rapidly on Facebook claims that changing your profile picture to that of a giraffe will allow hackers to steal your Facebook login details and remotely control your computer.
The claims in the warning are nonsense and sharing it will help nobody. There is no such virus. The threat described in the message is in no way related to a JPEG vulnerability that was discovered and fixed several years ago. The bogus warning is apparently a response to a popular - and completely harmless - Facebook game in which users who cannot correctly answer a riddle are instructed to change their Facebook profile picture to that of a giraffe for three days as a public acknowledgement of their failure.
A virus that exploits the recently discovered JPEG vulnerability has been discovered spreading over google's giraffe pictures.
"It's been done in the past, but with HTML code instead of the JPEG," said James Thompson, chief technical officer for SANS' Internet Storm Center, the organization's online-security research unit. "It is a virus, but it didn't spread very far. We've only had two reports of it."
The Facebook message goes like this: "I just changed my profile picture to a giraffe, but my answer was wrong" When you do it, Facebook automatically gives the hackers your user mail and password, malicious code embedded in the JPEG image gives the hackers everything they need, James said.
The code also installs a back door that can give hackers remote control over the infected computer. Antivirus expert Fred Hypponen of F-Secure warned on Wednesday that the JPEG exploit can also damage your Iphone if you charge it with your computer. By default, antivirus software only scans for .exe files. And even if users change the settings on antivirus software, the JPEG file name extensions can be manipulated to avoid detection.
Microsoft and google are working on it now, oct 25. We recommend Facebook users: DO NOT change your profile picture to giraffes.
According to a message that is currently circulating rapidly on Facebook, a dangerous virus is lurking inside images of giraffes that users may find online via Google searches. The message warns users not to change their profile image to that of a giraffe because the "virus" hidden inside the giraffe .jpg images will allow hackers to harvest their Facebook login email addresses and passwords as well as take control of their computers from afar. It warns that iPhones plugged into an infected computer for charging can also be damaged by the threat.
The message rather obscurely suggests that people are changing their profile pictures to images of giraffes, and thereby compromising their Facebook accounts and computers, to comply with a circulating Facebook message that states "I just changed my profile picture to a giraffe, but my answer was wrong".
However, the claims in the supposed virus warning are nonsense. There is no virus like the one described and Facebook users are certainly not being "hacked" just because they choose to use a random giraffe image as a profile picture.
It is true that, several years ago, a vulnerability was found in computers
running Microsoft Windows that could enable software viewing JPEG image files to launch malicious code. However, a fix for that vulnerability has long since been available.
Some old, unpatched computers may still have the potential to be compromised. However, modern operating systems and software are not likely to be compromised by this vulnerability and it is highly unlikely
that malicious code could be distributed via a normal .jpg file.
Moreover, even if it was still a threat, that vulnerability could not somehow magically infect all of the many thousands of giraffe images that a user might find via a Google search. Nor would it allow criminals to steal login credentials and control the infected computer just because a person used the .jpg file as a profile image.
The creator of the hoax message has attempted to make the nonsensical claims sound more believable by suggesting that computer security experts at SANS Internet Storm Center and at F-Secure have warned about the supposed threat. However, the SANS and F-Secure warnings are derived from a September 2004 CNet article
that discussed an AOL Instant Messenger threat that used the .jpg vulnerability mentioned above.
The threat spread by tricking chat users into visiting a website that hosted the exploited .jpg images. However, the message makes no mention of giraffes. And, there is no current information about a .jpg vulnerability like the one described in the warning message on either F-Secure
or the Internet Storm Center
Thus, it is clear that the prankster who created this hoax has simply lifted portions of the 2004 CNet article and mixed them in with absurd claims about giraffe images.
The hoax is apparently in response to a popular Facebook status game in which users who cannot answer a riddle are instructed to use a picture of a giraffe as their profile picture for three days if they fail to correctly answer a riddle. An example of the message is included below:
Try the great giraffe challenge! The deal is I give you a riddle. You get it right you get to keep your profile pic. You get it wrong and you change your profile pic to a Giraffe for the next 3 days. MESSAGE ME ONLY SO YOU DONT GIVE OUT THE ANSWER. Here is the riddle: 3:00 am, the doorbell rings and you wake up. Unexpected visitors, It's your parents and they are there for breakfast. You have strawberry jam, honey, wine, bread and cheese. What is the first thing you open?Remember... message me only. If you get it right I'll post your name here. If you get it wrong change your profile picture....
This game is harmless. Playing certainly will not give you a virus or allow hackers to hijack your Facebook account or control your computer.
Certainly, as always, users should be cautious when downloading material from unknown websites. Users might be tricked into downloading and installing malware in the mistaken belief that they were downloading an image file.
However, sending on this fake virus warning will only spread alarm and perpetrate misinformation. Sharing it will help nobody.
Last updated: October 28, 2013
First published: October 28, 2013
Written by Brett M. Christensen
Pages in this issue:
- Philippines Typhoon Disaster Scams
- Wedding Invitation Malware Emails
- 'Suspicious Guy Claiming He is You' Spam Emails
- Hunting Family Posing With Dead Elephant Picture
- 'Missing Persons in Australia' Facebook Like-Farming Scam
- Baby Iko Facebook Sick Child Hoax
- 'Young Romanian Woman' Car Crash Scam Warning
- No, Scientists in Texas are NOT Going to Use Sex Offenders for Medical Research
- Facebook Hate Campaign Against Keely Currie
- Chinese Teleportation Road Rescue Video
- PlayStation 4 Like and Share Giveaway Facebook Scam
- Circulating Video of Girl Throwing Puppies Causing Outrage
- 'Bizarre Unknown' Fish Caught in Malaysia Not So Mysterious
- No, The Bitstrips App is NOT an NSA Trojan
- 'Removing An Old Setting' Facebook Notification Message
- Did a Man in China Sue His Wife For Being Ugly?
- '200 Pieces of iPhone' Facebook Giveaway Scam
- Gmail '4 Missed Emails' Pharmacy Spam
- 'Freedom Award Lottery Promotion Agency' Facebook Page Scam
- Spider in Oreo Cookie Photograph
- 'Giant Fukushima Mutant Dog' Picture
- Oprah Winfrey is NOT Dead - Links in Message Lead to Rogue App
- ANZ Phishing Scam - 'We Detected a Login Attempt With a Valid Password'
- 'Microsoft Facebook Yahoo Windows Live Award' Advance Fee Scam
- Chemical Burns From Gel In Diaper Warning Message
- Charles F. Feeney 'Grant Donation' Advance Fee Scam
- False and Damaging Rumour - 'RSPCA Paid to Keep Quiet About Halal Slaughtering'
- 'Apple ID Information Updated' Phishing Scam
- ASDA Attempted Kidnapping Hoax
- Bogus Message Proclaims ' Christmas is banned: IT Offends Muslims'
- False Rumour - Patron at Cosmo Romford Finds Dog Microchip Wedged in Tooth
- Hoax - Picture of 'World's Largest Tortoise'
- Fogg Hill Wolf Kill Warning Poster
- NO, Obama is NOT Opening Free Gas Stations in Poor Neighborhoods
- Marks & Spencer Poppy Sales Three Percent False Rumour
- Westpac 'Login Attempt From Unrecognized Device' Phishing Scam
- 'Really Bad Virus' Warning
- Facebook Surcharge Hoax - £1 Per Month From January 2015
- BMW M5 Giveaway Like-Farming Scam
- 'Baby Andrei Needs Help' Facebook Page Donations Scam
- Beware of Fake Obamacare Websites
- 'Temporarily Blocked From Liking Pages' Facebook Message
- 'Pieces of iPad' Giveaway Facebook Scam
- Hoax - Hacking Group Anonymous Targeting Facebook Users With Giraffe Profile Pics
- Bogus Warning - Canned Fruit From Thailand Contaminated With HIV
- Giraffe Profile Picture Virus Hoax