It looks like there's a new malicious Facebook virus in the wild, and it just popped up today. Users are logging in this morning to find wall posts left by their friends along with a link:
hi Tomalak, hehe.. you could be tht naughty i didnt knw..really hard to see tht from my eyes lol
have a luk urself…
http://www.google.com.id.ezwjc3q9.k4sw5d.2b99df1a.cn/galle[…]za8lnik
(click open or run when prompted)
It's yet to be seen whether "virus" is really the right term for this, but regardless there is some malware out there somewhere taking advantage of the fact that a lot of Facebook users will blindly click on the suspicious-looking link hoping to find out where they've been "naughty". All they really find, though, is a download box for Picture_dl.exe. I didn't go as far as to actually download it, but presumably someone will hack it to pieces soon enough to discover its purpose.
In the meantime, I don't really want to report my friend to Facebook because she's clearly not sent this intentionally. The malware is called "Koobface" and it's already known to the authorities. Apparently TPTB are working on it.
Meanwhile, do not click on every random link you see on the internet! The link above may look like a Google link to the untrained eye, but the reams of meaningless-looking text after "www.google.com" give away that this is, in fact, a phishing site. Actually, I'm kind of surprised that my FF3 installation didn't catch that…
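To make that check mechanical, here is an added example (not part of the original post) that reads a hostname from the right, finds the domain that was actually registered, and flags a brand name that appears only as a subdomain prefix. The suffix set, the brand list and the function names are assumptions made for this sketch, and the example.net URL is constructed; the first sample uses only the hostname from the link above.

```python
from urllib.parse import urlsplit

# Assumption: a tiny stand-in for the Public Suffix List (publicsuffix.org);
# a real check should load the full list.
PUBLIC_SUFFIXES = {"com", "net", "org", "cn", "id", "co.uk"}
# Assumption: brand domains worth watching for inside other hostnames.
BRANDS = ("google.com", "facebook.com")


def registrable_domain(host):
    """Return the public suffix plus one label: the part someone registered."""
    labels = host.lower().rstrip(".").split(".")
    # i grows from the left, so the longest matching suffix wins.
    for i in range(1, len(labels)):
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[i - 1:])
    return ".".join(labels[-2:])


def embedded_brand(url):
    """Return (brand, real_domain) if a brand is only a subdomain prefix, else None."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    labels = host.split(".")
    real = registrable_domain(host)
    for brand in BRANDS:
        want = brand.split(".")
        n = len(want)
        # Does the brand appear as consecutive labels anywhere in the hostname?
        inside = any(labels[i:i + n] == want for i in range(len(labels) - n + 1))
        if inside and real != brand:
            return brand, real
    return None


if __name__ == "__main__":
    samples = [
        "http://www.google.com.id.ezwjc3q9.k4sw5d.2b99df1a.cn/",  # hostname from the post
        "http://www.google.com/search?q=test",                    # genuine
        "http://www.facebook.com.login.example.net/",             # constructed
    ]
    for url in samples:
        print(url, "->", embedded_brand(url))
```

A flagged result means the browser will contact the second value in the tuple, whatever the left-hand side of the hostname claims.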
Update: Arik's written about this too.
Update 2: It looks like this might be the first Facebook-based virus/worm since the facebook.com phish back in June.