A new version of the previously detected RayBan virus (Facebook) has been recently detected to be spread again and affect an even greater number of users then it’s first version. The virus is related to a scam that aims to control the Facebook accounts of victims and send images of ray-ban sunglasses on discounts. In case your Facebook profile shares photos, like the one in the right, be advised that your computer may have been compromised by this virus. If so, we urge you to read the following article.
|Short Description||Takes control of the targeted Facebook account and causes automatic shares.|
|Symptoms||Sharing of Ray-Ban discount images on friends’ Facebook profiles.|
|Distribution Method||Spammed malicious web links or via other users that have been affected.|
See If Your System Has Been Affected by RayBan virus
Malware Removal Tool
|User Experience||Join Our Forum to Discuss RayBan virus.|
RayBan Virus – How Does it Spread
There are multiple possibilities by which a user can become a victim by this malware. One of those is to open the link in the shared picture by being tricked, that it is an actual RayBan promotion. This may result in the virus obtaining information and permissions over your Facebook profile by utilizing malicious technologies, such as cookies, pixels, tags or other code.
Here is a screenshot of a web link containing picture shared directly on a friend’s profile from a compromised Facebook account:
When checked, the website itself has been reported by multiple sources, like Scamadviser that it is relatively new and a high risk to visit. It is a China-based site, meaning that the virus may originate from somewhere in that country.
Another method by which you could become a victim of this ransomware infection is if you are careless and click on a URL which is suspicious. This may result in the direct installation of the malicious software related to this virus on the background of your computer. The software may also exist in an app that has taken over Facebook permissions to share on your behalf, so it is also advisable to check your phone for malicious applications as well. Keep reading this article to learn more about this virus and how to make sure it is gone for good in the future.
RayBan Virus on Facebook – More Information
One of the first reports about this Facebook virus arose as a result of a Reddit user being one of the victims of this threat. The user, nicknamed DivineAusir describes the old variant of the RayBan virus as the following:
Hi, I got a facebook virus that posted photos of Ray Ban sunglasses and tagged a bunch of my friends in them. I’m not sure what caused it but two things happened the day the pictures were posted. The first thing was that I got a notification that somebody accessed my facebook account. I was in school at the time and so I didn’t do anything about it. Second thing was that I got an email that seemed completely legit but when I clicked it, it took me to a suspicious site which I closed immediately.
Here is an identified picture of the old RayBan virus posted by victims:
What is particularly interesting is that the victim in this case also received an e-mail which led to a suspicious website, pointing out to another possible scenario by which this malware could be distributed – malicious web links from e-mails.
If the RayBan virus has the capability of taking control over your Facebook profile, it may as well have other features that may help it retain it’s control, for example:
- Keylogging software that tracks your keystrokes if you try to change your password.
- Remote control software, such as RAT (Remote Access Trojans)
- Functions that take screenshots on your device.
What is cunning on their part is that cyber-criminals have not stopped using phishing and fake promotions to spread their malware and scams on Facebook. The largest social media site in the world still remains the biggest target for malware writers to infect unsuspecting victims, despite the many protection measurements taken by the company.
When the website itself has been visited, we have compared it to the original site of the company and it looked awfully similar to it and had no HTTPs, suggesting that it may be a phishing website that aims solely for your financial data, meaning that when you enter your credit card number and security code, you have no guarantee of the safety of your information.
Remove RayBan Virus from Facebook and Your Computer or Smartphone
Since this particular Facebook virus can have functions that may record a password change and still remain in control over your Facebook account, we recommend that you follow the methodology underneath:
1.Remove the virus from your device.
2.Log out all of the Facebook active logins from the Settings > Security
3.Make sure that you change your password to a very strong one and enable phone verification and notification on login for maximum security.
For the removal process of this Facebook malware, we have divided the instructions in two parts. The first part is the removal for computers. It will help you automatically detect the virus on you system and delete all of the related files to it. For maximum effectiveness, the use of an advanced anti-malware program is strongly advisable.
Manually delete RayBan virus from Windows and your browser
Note! Substantial notification about the RayBan virus threat: Manual removal of RayBan virus requires interference with system files and registries. Thus, it can cause damage to your PC. Even if your computer skills are not at a professional level, don’t worry. You can do the removal yourself just in 5 minutes, using a malware removal tool.
Automatically remove RayBan virus by downloading an advanced anti-malware program
The second part of the removal is related to mobile devices, so if you have a mobile device and believe it is compromised, the safest way to clean it is to do a Factory Reset. But before doing so, we strongly recommend that you backup all of the files on the mobile device that are important to you and only then to follow the instructions below: