On the “old hoaxes never die” tack,it seems that last year’s Christmas Tree App “virus” warning is circulating again: at any rate, Facecrooks has found it necessary to put a warning on its Facebook page against spreading it.
There is plenty of information available about this little beauty, so I’ll just give you a few pointers:
- Facecrooks cites a write-up at Hoax Slayer
- Snopes has a write-up here
- Geek Squad, which is alleged in the hoax message to have validated the alert, has denied it here (and also thrown in some advice for Facebook users)
- Graham Cluley included some screen shots and a historical note here, and I gilded the lily with some more information on the CHRISTMA EXEC worm here.
As I haven’t seen a recent version of the message myself, here’s the one that Graham cited in 2010.
WARNING!!!!!!…..DO NOT USE THE Christmas tree app. on Facebookplease be advised it will crash your computer. Geek squad says its oneof the WORST trojan-viruses there is and it is spreading quickly.Re-post and let your friends know. THANKS PLEASE REPOST!
In 1990, the spirit (though none of the code) of the worm was invoked by a message displayed between 24th and 31st December, along with a Christmas tree graphic, on systems infected with the XA1 (Tannenbaum) virus. “Und er lebt doch noch: Der Tannenbaum!
Which means “and it still lives: the Christmas tree!” Indeed it does…
David Harley CITP FBCS CISSP
ESET Senior Research Fellow