Facebook’s “Malicious Software” May Be Hacking Its Own Users

Facebook keeps saying I have some sort of “malicious software.” That’s totally bogus, as I’m running the leading anti-virus software, have run a second leading anti-virus software, and have run three different highly acclaimed anti-malware packages to scrub my system.
Furthermore, the problem occurs only after I attempt to log on, regardless of the computer, network, or ISP.  Meanwhile, anyone else who logs onto Facebook using my computer has absolutely zero problems and receives no such error message.
I’m not the only one experiencing this problem.  Here are some links to others who are experiencing the same or similar issues:

  • Jack Yan & Associates
  • Another by Jack Yan & Associates

There are even four pages on Facebook’s user community wherein a growing number of people are reporting the same issue.

These facts and the details I provide below form the basis of my belief that Facebook’s “malicious software” detection is either riddled with errors or is totally bogus, perhaps even Facebook’s way of getting people to download their “partnered” anti-“malicious software” on an individual’s computer in order to spy on users’ machines.

When this happened two weeks ago, I wrote them the following letter.  I promised I would hide this blog post if they permanently removed the “malicious software” flag in their system.  After five days, they did just that and I was able to log in.  This morning, however, I received the “malicious software” message again, so I made this blog post visible once more, and will likely keep it until Facebook publicly acknowledges that at the very least, their “malicious software” flag has nothing to do with whatever Facebook detects on a user’s computer (it can’t, due to the browser’s security), but rather, it’s tied to individual user accounts.

Dear Facebook:

On the afternoon of June 6th, 2017, while in the middle of typing a post on Facebook via my primary FB account, I received the following popup message from Facebook that states:

“Hi (name), we’re continuously working to keep your account secure. We’ve noticed that this device may be infected with malicious software. To continue to use Facebook, you can either use other devices or clean this device by downloading the scanner provided by Facebook and Trend Micro.”




In your Terms of Service, under Section 2, “Sharing Your Content and Information,” you specifically state, “You [the user] own all of the content and information you post on Facebook.”

Since that’s indeed the case under U.S. Copyright Law, why are you blocking MY access to MY information?

I am an IT security specialist with 29 years of experience. I have written 24 security-related articles for Network World, and authored security-related documentation during my 20+ years as an officer in the U.S. Air Force.  Therefore, please take me seriously when I affirm this problem does not exist on any local computer which I have used to log into Facebook, but rather, on your network, and specifically, my account on your network.

Just to be absolutely certain, however, I conducted the following series of tests:

I tried “other devices.” In fact, I tried 7 completely different machines:

  • neighbor 1
  • neighbor 2
  • public library 1
  • public library 2
  • friend’s
  • my spare computer
  • my local machine

I tried them in 6 different geographic locations, using 3 different ISPs:

  • Comcast
  • Qwest/CenturyLink
  • Peak Internet

I also tested two browsers (Chrome and Firefox) on all of those, along with Opera on two of them.

In all seven cases (19 test cases, total), the following results remained consistent:  Logging in with my primary account resulted in the “malicious software” error message on all machines, locations, and ISPs, but logging in with any other account resulted in a clean login regardless of machine, location, or ISP. Of these 7 machines, four were running Norton Security, and the other three ran Kaspersky, Avast, and AVG.

Therefore, it is unequivocally clear that this issue is not a problem inherent in any of the local machines, subnets, geographical locations, browsers, Internet Service Providers, or antivirus software.

Rather, it is most certainly a problem with either Facebook’s servers in general, or with my primary Facebook account as hosted on your servers.

Since that is without a doubt the case, running your mandated software from any four of your partners on my local machine would accomplish absolutely nothing, yet risks unauthorized disclosure of my personal information, infection of my computer, or even the introduction of a virus at the local machine’s administrator level by whoever hacked my Facebook account.

To be quite fair, as a direct result of your non-communication policy, I have absolutely no way of knowing whether or not this “malicious software” pop-up is legitimate or if it is itself a malicious hack of my account designed to get me to run ransomware as an administrator on my local machine.  At the very least, the way you go about holding the account hostage and forcing us to download the software not from one of your security partners but from some other site is highly suspicious.

However, to that end, I made a note of your partners: Trend Micro, Kaspersky, ESET, and F-Secure. I then proceeded to use their trial versions (only three had trial versions) to thoroughly scan and clean my machine.

I then repeated the above tests to see if my local machine had absolutely anything to do with the issue, at all.

No. The results of the tests remained the same. Furthermore, five people successfully logged onto Facebook using both my primary and backup machines, regardless of their geographic location, the browser used, or the ISP.

Clearly, my machine is not the issue.  It’s my account.  Either Facebook wrongly blocked my account with their “malicious software” hack, believing that a virus exists on my side of their firewall (absolutely not, as has been abundantly demonstrated by the test procedures given above), or my account has been hacked from inside of Facebook’s firewalls by someone who really is trying to use it as a way of hacking my local machine.

Facebook:  The problem resides solely on your side of the net. Please stop trying to get us to run your software on our machines.  We’re already running the world’s best anti-virus and anti-malware software, including from at least one of your four security partners.  As I have clearly demonstrated, there is absolutely nothing I can do on my end that will fix this problem, and that includes running your mandated software.  The problem is on your end.  Fix the problem on your end, and the problem will be solved.

Thank you.

Again, I am an IT security specialist with 29 years of experience. I have written 20+ security-related articles for Network World, and authored security-related documentation during my 20+ years as an officer in the U.S. Air Force.  Therefore, please take me seriously when I affirm this problem does not exist on local computers, but rather, on your network.


Name withheld by request
M.S. Management (Project Management)
MBA (Technology Management)
B.S. Finance, Insurance, and Business Law



Author: patriot

It was a distinct honor, as well as my pleasure, to serve my country for more than twenty years. I love my country, but sometimes I'm not too happy with its leaders. I'm working to change that, and I could use your help. Please join me! Thanks. : ) - Patriot
