The moral to this story is don’t click a link just because you can. The Guardian warns:
If you get a posting on your Facebook wall telling you “this is without doubt the sexiest video ever! 😛 😛 :P” which seems to be accompanied by a video titled “Candid Camera Prank [HQ]” then don’t click on the video: it’s a lead-in to malware.
It installs adware called “HotBar,” a “toolbar” that inflicts ads on you depending on your surfing habits. It may also do other bad stuff in the background, according to this Microsoft document linked by the Guardian.
There is nothing new about HotBar; what’s new is transmission via Facebook.
The weakest link in computer security has always been the nut behind the keyboard. This thing seems to work like one of those old Microsoft Outlook and Outlook Express trojans, such as LoveBug, that installed itself on your system, then grabbed your address book and emailed itself to everyone.
But someone had to click on them to make them work.