CSIS, the security company based in Denmark, which first spotted an extremely malicious PC-worm, reports that the worm is utilizing Facebook, the Internet site for social-networking, to carry out self-propagation via posting malevolent web-links onto it that connect with sites having the banker Trojan Zeus along with other threats.
Moreover, according to CSIS' investigators, for self-propagation, the worm harvests account credentials from Facebook that it utilizes for accessing those accounts and putting up web-links. These web-links that are actually malicious pretend to show an image file the infected visitor's network-contacts posted.
...
The file, apparently, represents an exploitative jpg document, supposedly providing a screensaver. Those who download and run it can be deceived into facing dire consequences, particularly because its detection by anti-virus engines is pretty low.