Facebook users don’t click the Ow.ly links posted anywhere on Facebook, if you have clicked the Ow.ly link (URL shortening service) then you might have gotten your computers infected by a worm.
The link is being spread by attackers through a post that promises one-of-its-kind of pornographic content. The post is being shared via numerous prominent social media networks such as Twitter and Facebook.After infecting the user’s computer it then posts the same link on the walls of all of the user’s contacts and groups.
As per senior security researcher at Malwarebytes Jerome Segura information the attack primarily targets Chrome and “The goal [of this current attack] is to harvest as many users as possible to create a very large [botnet] consisting of social networks profiles which can be leveraged in various ways, [such as by] reselling Facebook friends and likes, reselling Twitter followers, [and] generating pay per click revenue by visiting sites and clicking ads”.
When a Facebook user clicks on the infamous Ow.ly link that promises “sex photos of teen girls in school,” it redirects immediately to an Amazon Web Services page and then gets redirected to a compromised Box website. Users are then prompted to download a file and when it is installed the system gets infected instantaneously leading to the download of the worm. It then spreads the Ow.ly link to all contacts of the user on Facebook.
Amazon Web Services (AWS) spokesperson in an official statement explained that the“activity being reported is not currently happening on AWS.”