Infected machines are propagating the worm by sending messages via the social networks to friends in the network.
The messages look like they contain links to video clips. When clicked on, they prompt the recipient to download an executable file that purports to be the latest version of Flash Player. Instead, it is the worm itself.
When infected machines next log onto the social networks, they automatically send the malicious messages out to new victims grabbed from the friend list, said Ryan Naraine, security evangelist at Kaspersky.
"We've seen these types of worms before, typically around MySpace," he said. "People are more trusting of things they receive from a friend." Many people don't recognise that what they are downloading is not a legitimate Flash Player file but a malicious program, Naraine added.So take proper measures before using Facebook & Myspace.
Naraine urged users to exercise caution when downloading anything onto their computers, even if it appears to come from a friend, and to be diligent about applying security.