“lol is this your new profile pic? http://goo.gl/[REDACTED]?img=[USERNAME],” reads the harmful message sent to trick users into visiting a link that actually installs a trojan virus.
The infection itself infects Windows systems by making a change to application data through a .exe file.
And it doesn’t end there. Sophos noted that the infection is a form of something called the Dorkbot worm, a notorious botnet.
“There have been many variants of the Dorkbot attack spotted over the least year or so, spreading via Facebook and Twitter. The threat can also spread via USB sticks, and various instant messaging protocols,” commented the security firm.
Earlier this year in June, the BBC reported that a glitch in the popular communication software leaked users’ private IMs.