One may recall that both worms are unique since these take advantage of user interactivity, an awesome Web 2.0-borne feature, by making this a part of the whole propagation chain. Somewhere between their execution on the affected system to their possible deletion from it, these worms search for a string or set of strings in cookie files related to the popular social-networking site Facebook. Once a match is found, these worms then access the user’s profile using the credentials from the cookies to add links pointing to a copy of itself in the affected user’s profile for virtually anyone to find and click on to download.
Infected users therefore put their frequent profile visitors (who might be more than willing to click on the link since it appears to be a new profile update that they haven’t checked out yet) in harm’s way, along with virtually anyone who stumbles upon the infected profile and clicks on the offending link.
When comScore, an independent marketing survey company, shows that Facebook has now become the largest and fastest growing social network in the Web — consequently surpassing MySpace, its biggest competitor ever since.
Users, Facebook users most especially, are now protected from this threat through the Trend Micro Smart Protection Network.