Giraffe riddle virus rumors turn out to be hoax

(UPI) -- Giraffe pictures have been everywhere the past few days, but fortunately, the now infamous Facebook giraffe riddle is nothing more than fun and games, not something more sinister.

When the spotty creatures started to dot the landscape of our Facebook timelines, early reports suggested their spread might be a hack designed to access the personal information of participating users.

A variety of warning messages began to circulate around the social network, warning people to avoid getting caught up in the "virus."

These messages claimed hackers could use an image file to reach into computers and grab bank account information and wipe hard drives, but those fears appear to be completely unfounded.

"Firstly, it is extremely unlikely that with modern software and operating systems that a virus or malware of any sort can be transmitted within a genuine .JPEG image that you would find on Google Images," writes Thatsnonsense.com, a site that specializes in tracking down Internet hoaxes.

"It is true that several years ago malicious programmers were able to put computers at risk with JPEG exploits, but these have long been patched up by companies like Microsoft. Even back then (between 2002-2004) viruses transmitted inside JPEGs were extremely rare."

A real virus spread through AOL's Instant Messenger way back in 2004, and the warning message circulated in the past few days have pulled from warnings sent then.

Below, the full -- and incorrect -- warning circulating online:

A virus that exploits the recently discovered JPEG vulnerability has been discovered spreading over googles giraffe pictures.

“It’s been done in the past, but with HTML code instead of the JPEG,” said James Thompson, chief technical officer for SANS’ Internet Storm Center, the organization’s online-security research unit. “It is a virus, but it didn’t spread very far. We’ve only had two reports of it.”

The Facebook message goes like this: “I just changed my profile picture to a giraffe, but my answer was wrong” When you do it, Facebook automatically gives the hackers your user mail and password, malicious code embedded in the JPEG image gives the hackers everything they need, James said.

The code also installs a back door that can give hackers remote control over the infected computer.

Antivirus expert Fred Hypponen of F-Secure warned on Wednesday that the JPEG exploit can also damage your Iphone if you charge it with your computer. By default, antivirus software only scans for .exe files. And even if users change the settings on antivirus software, the JPEG file name extensions can be manipulated to avoid detection.

Advertisement

Microsoft and google are working on it now, oct 25. We recommend Facebook users: DO NOT change your profile picture to giraffes.

In other words, feel free to guess away, even if it means your profile picture will be silly for a few days.