Skip to main content

Facebook worm attacks Windows, Mac and Linux

A new type of malware is on the loose among Facebook users – and this time, Apple and Linux users can’t sit back smugly and ignore it.

The malicious script, sometimes known as ‘Boonana’, is the latest incarnation of the Koobface worm, security analyst Graham Cluley revealed on the Naked Security blog of antivirus firm Sophos.

The worm has been spread by messages sent on the social network that ask, “is this you in this video?” - and can infect all three major OS platforms: Windows, Linus and Mac OSX.

Users who click on the link included in the message are taken to another webpage displaying an image of a woman taken from

Would-be victims are then asked to give permission for a Java applet called JPhotoAlbum.class to be run from inside a Java Archive (JAR) called JNANA.TSA.

Those who do so will find a variety of malicious software downloaded to their computer.

File names include: applet_hosts.txt,, jnana_12.0.tsa, jnana.pix, OSXDriverUpdates.tar, pax_wintl.crc,, rawpct.crc,, rvwop.crc,,,

The outbreak marks a worrying trend in recent malware, with hackers using the increasing popularity of alternative operating systems such as Mac OSX and Linux to target a whole new class of computer owners.

Users are advised to update their security software and consult the vendor’s website for removal tools if they think they have been infected. Security companies are repeating their advice not to click on links in unsolicited messages received via email or on social networking sites.