Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

Home    About    New Articles    RSS Feed    Subscriptions    Contact
Bookmark and Share

Issue 166 - November, 2013 (2nd Edition) - Page 46

Giraffe Profile Picture Virus Hoax

Issue 166 Start Menu

Previous Article

Message circulating rapidly on Facebook claims that changing your profile picture to that of a giraffe will allow hackers to steal your Facebook login details and remotely control your computer.



Brief Analysis
The claims in the warning are nonsense and sharing it will help nobody. There is no such virus.  The threat described in the message is in no way related to a JPEG vulnerability that was discovered and fixed several years ago. The bogus warning is apparently a response to a popular - and completely harmless - Facebook game in which users who cannot correctly answer a riddle are instructed to change their Facebook profile picture to that of a giraffe for three days as a public acknowledgement of their failure.

Bookmark and Share

A virus that exploits the recently discovered JPEG vulnerability has been discovered spreading over google's giraffe pictures.

"It's been done in the past, but with HTML code instead of the JPEG," said James Thompson, chief technical officer for SANS' Internet Storm Center, the organization's online-security research unit. "It is a virus, but it didn't spread very far. We've only had two reports of it."

The Facebook message goes like this: "I just changed my profile picture to a giraffe, but my answer was wrong" When you do it, Facebook automatically gives the hackers your user mail and password, malicious code embedded in the JPEG image gives the hackers everything they need, James said.

The code also installs a back door that can give hackers remote control over the infected computer. Antivirus expert Fred Hypponen of F-Secure warned on Wednesday that the JPEG exploit can also damage your Iphone if you charge it with your computer. By default, antivirus software only scans for .exe files. And even if users change the settings on antivirus software, the JPEG file name extensions can be manipulated to avoid detection.

Microsoft and google are working on it now, oct 25. We recommend Facebook users: DO NOT change your profile picture to giraffes.

Detailed Analysis
According to a message that is currently circulating rapidly on Facebook, a dangerous virus is lurking inside images of giraffes that users may find online via Google searches. The message warns users not to change their profile image to that of a giraffe because the "virus" hidden inside the giraffe .jpg images will allow hackers to harvest their Facebook login email addresses and passwords as well as take control of their computers from afar. It warns that iPhones plugged into an infected computer for charging can also be damaged by the threat.

The message rather obscurely suggests that people are changing their profile pictures to images of giraffes, and thereby compromising their Facebook accounts and computers, to comply with a circulating Facebook message that states "I just changed my profile picture to a giraffe, but my answer was wrong".

However, the claims in the supposed virus warning are nonsense. There is no virus like the one described and Facebook users are certainly not being "hacked" just because they choose to use a random giraffe image as a profile picture.

It is true that, several years ago, a vulnerability was found in computers running Microsoft Windows that could enable software viewing JPEG image files to launch malicious code. However, a fix for that vulnerability has long since been available.

Some old, unpatched computers may still have the potential to be compromised. However, modern operating systems and software are not likely to be compromised by this vulnerability and it is highly unlikely that malicious code could be distributed via a normal .jpg file.

Moreover, even if it was still a threat, that vulnerability could not somehow magically infect all of the many thousands of giraffe images that a user might find via a Google search. Nor would it allow criminals to steal login credentials and control the infected computer just because a person used the .jpg file as a profile image.

The creator of the hoax message has attempted to make the nonsensical claims sound more believable by suggesting that computer security experts at SANS Internet Storm Center and at F-Secure have warned about the supposed threat.  However, the SANS and F-Secure warnings are derived from a September 2004 CNet article that discussed an AOL Instant Messenger threat that used the .jpg vulnerability mentioned above. 

The threat spread by tricking chat users into visiting a website that hosted the exploited .jpg images. However, the message makes no mention of giraffes. And, there is no current information about a .jpg vulnerability like the one described in the warning message on either F-Secure or the Internet Storm Center.

Thus, it is clear that the prankster who created this hoax has simply lifted portions of the 2004 CNet article and mixed them in with absurd claims about giraffe images.
The hoax is apparently in response to a popular Facebook status game in which users who cannot answer a riddle are instructed to use a picture of a giraffe as their profile picture for three days if they fail to correctly answer a riddle. An example of the message is included below:

Try the great giraffe challenge! The deal is I give you a riddle. You get it right you get to keep your profile pic. You get it wrong and you change your profile pic to a Giraffe for the next 3 days. MESSAGE ME ONLY SO YOU DONT GIVE OUT THE ANSWER. Here is the riddle: 3:00 am, the doorbell rings and you wake up. Unexpected visitors, It's your parents and they are there for breakfast. You have strawberry jam, honey, wine, bread and cheese. What is the first thing you open?Remember... message me only. If you get it right I'll post your name here. If you get it wrong change your profile picture....

This game is harmless. Playing certainly will not give you a virus or allow hackers to hijack your Facebook account or control your computer.

Certainly, as always, users should be cautious when downloading material from unknown websites.  Users might be tricked into downloading and installing malware in the mistaken belief that they were downloading an image file.

However, sending on this fake virus warning will only spread alarm and perpetrate misinformation. Sharing it will help nobody. 

Bookmark and Share

Last updated: October 28, 2013
First published: October 28, 2013
Written by Brett M. Christensen
About Hoax-Slayer

Microsoft warns of critical JPEG image vulnerability, reports Sophos
Can a virus be transmitted in a picture?
Image virus spreads via chat
F-Secure Blog
SANS - Internet Storm Center

Previous Article

Issue 166 Start Menu

Pages in this issue:
  1. Philippines Typhoon Disaster Scams
  2. Wedding Invitation Malware Emails
  3. 'Suspicious Guy Claiming He is You' Spam Emails
  4. Hunting Family Posing With Dead Elephant Picture
  5. 'Missing Persons in Australia' Facebook Like-Farming Scam
  6. Baby Iko Facebook Sick Child Hoax
  7. 'Young Romanian Woman' Car Crash Scam Warning
  8. No, Scientists in Texas are NOT Going to Use Sex Offenders for Medical Research
  9. Facebook Hate Campaign Against Keely Currie
  10. Chinese Teleportation Road Rescue Video
  11. PlayStation 4 Like and Share Giveaway Facebook Scam
  12. Circulating Video of Girl Throwing Puppies Causing Outrage
  13. 'Bizarre Unknown' Fish Caught in Malaysia Not So Mysterious
  14. No, The Bitstrips App is NOT an NSA Trojan
  15. 'Removing An Old Setting' Facebook Notification Message
  16. Did a Man in China Sue His Wife For Being Ugly?
  17. '200 Pieces of iPhone' Facebook Giveaway Scam
  18. Gmail '4 Missed Emails' Pharmacy Spam
  19. 'Freedom Award Lottery Promotion Agency' Facebook Page Scam
  20. Spider in Oreo Cookie Photograph
  21. 'Giant Fukushima Mutant Dog' Picture
  22. Oprah Winfrey is NOT Dead - Links in Message Lead to Rogue App
  23. ANZ Phishing Scam - 'We Detected a Login Attempt With a Valid Password'
  24. 'Microsoft Facebook Yahoo Windows Live Award' Advance Fee Scam
  25. Chemical Burns From Gel In Diaper Warning Message
  26. Charles F. Feeney 'Grant Donation' Advance Fee Scam
  27. False and Damaging Rumour - 'RSPCA Paid to Keep Quiet About Halal Slaughtering'
  28. 'Apple ID Information Updated' Phishing Scam
  29. ASDA Attempted Kidnapping Hoax
  30. Bogus Message Proclaims ' Christmas is banned: IT Offends Muslims'
  31. False Rumour - Patron at Cosmo Romford Finds Dog Microchip Wedged in Tooth
  32. Hoax - Picture of 'World's Largest Tortoise'
  33. Fogg Hill Wolf Kill Warning Poster
  34. NO, Obama is NOT Opening Free Gas Stations in Poor Neighborhoods
  35. Marks & Spencer Poppy Sales Three Percent False Rumour
  36. Westpac 'Login Attempt From Unrecognized Device' Phishing Scam
  37. 'Really Bad Virus' Warning
  38. Facebook Surcharge Hoax - £1 Per Month From January 2015
  39. BMW M5 Giveaway Like-Farming Scam
  40. 'Baby Andrei Needs Help' Facebook Page Donations Scam
  41. Beware of Fake Obamacare Websites
  42. 'Temporarily Blocked From Liking Pages' Facebook Message
  43. 'Pieces of iPad' Giveaway Facebook Scam
  44. Hoax - Hacking Group Anonymous Targeting Facebook Users With Giraffe Profile Pics
  45. Bogus Warning - Canned Fruit From Thailand Contaminated With HIV
  46. Giraffe Profile Picture Virus Hoax