Facebook “hahaha” virus

Facebook “hahaha” virus is an attempt to scam users into downloading malicious software

Facebook "hahaha" virus
Facebook “hahaha” virus is a malicious Messenger campaign that targets social network users with malicious links

Facebook "hahaha" virus
Facebook “hahaha” virus is a malicious Messenger campaign that targets social network users with malicious links

Facebook “hahaha” virus is a social engineering[1] attack and a spam campaign aimed at users who frequent this social network. In most cases, a phishing message is delivered via the Messenger application, although it often comes from victims’ friends or friends of friends accounts, which makes the scam so much more believable. The PM includes the “hahaha” phase and a link that allegedly would lead users to a video about them. Unfortunately, once the link is clicked, the Facebook “hahaha” virus will continue sending spam to target’s friends, and might even result in more serious malware infections.

Name Facebook “hahaha” virus 
Type Account hijacking, malware, scam  
Distribution  Malicious messages with embedded links come via Facebook’s Messenger app
Symptoms  Spam is being sent from your Facebook account to friends and friends of friends; malware infection symptoms vary and highly depend on the infection type (from an increased amount of ads encountered online to severe computer slowdowns and system crashes)
Dangers  Sensitive information disclosure to cybercriminals (privacy issues), identity theft, other malware infections, money loss, etc. 
Downloaded files  Pictr_357.Zip, Copy_0027.Zip, Image0905.Zip 
Termination If you have been affected by Facebook “hahaha” virus, you should immediately change the password of your Facebook account and perform a full system scan with anti-malware software 
System fix Malware infections might seriously damage Windows operating systems

The “hahaha” virus is one of many Facebook virus versions that seeks to infect users’ computers with malware, extort sensitive information, use their machine for spam, open a backdoor, or gain access to their Facebook account to spread the threat further. Facebook “hahaha” virus removal highly depends on what the malicious link was programmed to do. For example, in some cases, changing a Facebook account password would suffice, while malware infection should be terminated with security software.

Besides hijacking the victim’s account, Facebook “hahaha” virus might also direct users to malicious websites where an automatic download of files like Pictr_357.Zip, Copy_0027.Zip, Image0905.Zip, or similar ones, might be initiated. If launched, these could result in severe malware infections, decrease the system’s defenses, etc.

Both Facebook and Messenger are popular platforms used by millions of people, which makes it a perfect target for cybercriminals. Social engineering is that makes it easier for them to make users click on malicious links, as the Facebook “hahaha” virus message is meant to spark curiosity – users believe that there is actually a video about them that might be potentially incriminating or shameful.

Facebook "hahaha" virus infection
Facebook “hahaha” virus is a type of scam that is designed to to hijack Facebook account and send spam from it

Facebook "hahaha" virus infection
Facebook “hahaha” virus is a type of scam that is designed to to hijack Facebook account and send spam from it

Here are some Facebook “hahaha” virus examples of messages delivered to users:

Hi (Name),

(Person’s name) commented on your status.

(Person) wrote: “hahahaha (Person’s Name) i can not belieeve whaaat you did in thisss videeooo its so embarrassing its all over face book!!!!!

Cooopyy and Paasteee the link below in to your web browserr to seeeee , it’s ********!!!

Remove the Spaacess —> www. funreelvids. in”

Omg hahah have you seen this photo u got tagged in LOL —>

As soon as any of the previously mentioned .Zip files are downloaded, and the .Jar file is launched, this malware starts its activity. Several malware types could be associated with Facebook “hahaha” virus, including:

  • Cryptojackers – these parasites are designed to suck up your CPU and/or GPU in order to mine cryptocurrency for malicious actors and deliver the funds directly into their crypto-wallets;
  • RATs (Remote Access Trojans) – these malicious programs allow the attackers to gain remote access of your machine;
  • Backdoors serve as a link between malicious servers and the host machine – they are often used to proliferate other malware or include the computer into a massive botnet;
  • Redirect viruses can intercept the HTTP traffic and links users to potentially malicious sites, generating profits for cybercriminals in the meantime;
  • Info-stealers can be used to track every keyboard press made by the victim and also read sensitive information on sites like online banking.

It is believed that Facebook “hahaha” virus is mostly used for Bitcoin mining. However, it can be involved in other dangerous activities as well, as mentioned above. If you noticed that your computer speed decreased and your Facebook account started sending “hahaha” or similar messages to your friends, your PC is infected with this serious malware.

To remove Facebook “hahaha” virus, immediately scan your machine with reputable anti-malware software, reset the installed web browsers, change your Facebook password, and use Reimage Reimage Cleaner to fix the damage done by malware.

Facebook "hahaha" virus scam
Those who click on Facebook “hahaha” message link might infect their machine with dangerous malware

Facebook "hahaha" virus scam
Those who click on Facebook “hahaha” message link might infect their machine with dangerous malware

Facebook “hahaha” virus infection methods

As we have already mentioned, Facebook “hahaha” virus is spread via “hahaha” messages that are sent via Facebook’s private messaging. In most of the cases, it looks like they belong to your friends, so there is no surprise why this malware has been successfully spreading around. If you click on this fake message, you are involuntarily involved in the distribution of Facebook “hahaha” virus, and your friends can also be infected no matter which OS, Windows, or Mac, they use.

In addition to that, your computer is turned into a bitcoin mining machine and used for other dangerous activities. Please, avoid such fake messages, no matter how trustworthy or tempting they look. If you have already clicked on its attachment, you should check your PC for Facebook “hahaha” virus. Read the following paragraph to get more info about that.

Facebook “hahaha” virus removal instructions

First of all, if you click on the malicious Facebook “hahaha” link, you should immediately take action to secure your account. However, before that, you need to ensure that, by clicking on the link, you did not installed malware on your computer. For that, we suggest you scan it with powerful and up-to-date software like SpyHunter 5Combo Cleaner or Malwarebytes – these tools should be able to detect and eliminate all types of malware, including RATs, Backdoors, Cryptojackers, and others. Note that some viruses might disable your security tools – access Safe Mode with Networking, as explained below.

In case you do not remove Facebook “hahaha” virus on time, you might face severe consequences, such as system slowdowns, money loss, or even identity theft.

After  Facebook “hahaha” virus removal, you should change your Facebook password immediately, as malicious actors can keep using your social media account for many other malicious purposes. If you had a credit card linked to your account, they could misuse it to steal money from you. To change your Facebook password, follow these instructions:

  • Login to your Facebook account
  • Click on the arrow at the top-right of the window
  • Select Settings
  • Pick Security and Login on the left
  • On the right side, locate Change password and click Edit
  • Type in the current password and a new one (use alphanumeric characters for complexity)
  • Click Save Changes

Reimage Reimage Cleaner has a free limited scanner. Reimage Reimage Cleaner offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.

This entry was posted on 2020-02-06 at 08:03 and is filed under Malware, Viruses.