Giraffe on yellow background with hoax stamp
Home Facebook Related Giraffe Profile Picture Virus Hoax

Giraffe Profile Picture Virus Hoax

by Brett M. Christensen

Outline

Message circulating rapidly on Facebook claims that changing your profile picture to that of a giraffe will allow hackers to steal your Facebook login details and remotely control your computer.

Brief Analysis

The claims in the warning are nonsense and sharing it will help nobody. There is no such virus.  The threat described in the message is in no way related to a JPEG vulnerability that was discovered and fixed several years ago. The bogus warning is apparently a response to a popular – and completely harmless – Facebook game in which users who cannot correctly answer a riddle are instructed to change their Facebook profile picture to that of a giraffe for three days as a public acknowledgement of their failure.

Example

A virus that exploits the recently discovered JPEG vulnerability has been discovered spreading over google’s giraffe pictures.

“It’s been done in the past, but with HTML code instead of the JPEG,” said James Thompson, chief technical officer for SANS’ Internet Storm Center, the organization’s online-security research unit. “It is a virus, but it didn’t spread very far. We’ve only had two reports of it.”

The Facebook message goes like this: “I just changed my profile picture to a giraffe, but my answer was wrong” When you do it, Facebook automatically gives the hackers your user mail and password, malicious code embedded in the JPEG image gives the hackers everything they need, James said.

The code also installs a back door that can give hackers remote control over the infected computer. Antivirus expert Fred Hypponen of F-Secure warned on Wednesday that the JPEG exploit can also damage your Iphone if you charge it with your computer. By default, antivirus software only scans for .exe files. And even if users change the settings on antivirus software, the JPEG file name extensions can be manipulated to avoid detection.

Microsoft and google are working on it now, oct 25. We recommend Facebook users: DO NOT change your profile picture to giraffes.

 

Detailed Analysis

According to a message that is currently circulating rapidly on Facebook, a dangerous virus is lurking inside images of giraffes that users may find online via Google searches. The message warns users not to change their profile image to that of a giraffe because the “virus” hidden inside the giraffe .jpg images will allow hackers to harvest their Facebook login email addresses and passwords as well as take control of their computers from afar. It warns that iPhones plugged into an infected computer for charging can also be damaged by the threat.

The message rather obscurely suggests that people are changing their profile pictures to images of giraffes, and thereby compromising their Facebook accounts and computers, to comply with a circulating Facebook message that states “I just changed my profile picture to a giraffe, but my answer was wrong”.

However, the claims in the supposed virus warning are nonsense. There is no virus like the one described and Facebook users are certainly not being “hacked” just because they choose to use a random giraffe image as a profile picture. 
It is true that, several years ago, a vulnerability was found in computers running Microsoft Windows that could enable software viewing JPEG image files to launch malicious code. However, a fix for that vulnerability has long since been available.

Some old, unpatched computers may still have the potential to be compromised. However, modern operating systems and software are not likely to be compromised by this vulnerability and it is highly unlikely that malicious code could be distributed via a normal .jpg file.

Moreover, even if it was still a threat, that vulnerability could not somehow magically infect all of the many thousands of giraffe images that a user might find via a Google search. Nor would it allow criminals to steal login credentials and control the infected computer just because a person used the .jpg file as a profile image.

The creator of the hoax message has attempted to make the nonsensical claims sound more believable by suggesting that computer security experts at SANS Internet Storm Center and at F-Secure have warned about the supposed threat.  However, the SANS and F-Secure warnings are derived from a September 2004 CNet article that discussed an AOL Instant Messenger threat that used the .jpg vulnerability mentioned above.

The threat spread by tricking chat users into visiting a website that hosted the exploited .jpg images. However, the message makes no mention of giraffes. And, there is no current information about a .jpg vulnerability like the one described in the warning message on either F-Secure or the Internet Storm Center.

Thus, it is clear that the prankster who created this hoax has simply lifted portions of the 2004 CNet article and mixed them in with absurd claims about giraffe images.

The hoax is apparently in response to a popular Facebook status game in which users who cannot answer a riddle are instructed to use a picture of a giraffe as their profile picture for three days if they fail to correctly answer a riddle. An example of the message is included below:

Try the great giraffe challenge! The deal is I give you a riddle. You get it right you get to keep your profile pic. You get it wrong and you change your profile pic to a Giraffe for the next 3 days. MESSAGE ME ONLY SO YOU DONT GIVE OUT THE ANSWER. Here is the riddle: 3:00 am, the doorbell rings and you wake up. Unexpected visitors, It’s your parents and they are there for breakfast. You have strawberry jam, honey, wine, bread and cheese. What is the first thing you open?Remember… message me only. If you get it right I’ll post your name here. If you get it wrong change your profile picture….

This game is harmless. Playing certainly will not give you a virus or allow hackers to hijack your Facebook account or control your computer.

Certainly, as always, users should be cautious when downloading material from unknown websites.  Users might be tricked into downloading and installing malware in the mistaken belief that they were downloading an image file.

However, sending on this fake virus warning will only spread alarm and misinformation. Sharing it will help nobody.


Importance Notice

After considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.

These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.

Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.

And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.

When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.

I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.

A Big Thank You

I would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.

I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I can not thank him enough.

Closing Date

Hoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.

Thank you, one and all!

Brett Christensen,
Hoax-Slayer