Experts comment on the new attack on Facebook.
Many Facebook users in Vietnam are facing a new method of virus distribution being used by hackers.
Specifically, users will receive a notification that a friend has mentioned them in a post or comment. Clicking on this notification will redirect the user to a website with an interface identical to Facebook.
And, if a user clicks anywhere on the aforementioned fake website, their browser will install an extension called "BUZ." This extension allows hackers to control user actions, thereby stealing their accounts and important web browsing information.
![]() |
| The image is for illustrative purposes only. (Source: telegraph.co.uk). |
Speaking with reporters, Mr. Tran Quang Chien (Director of VNIST Joint Stock Company), in charge of securitydaily.net, said that this is most likely a new vulnerability that Facebook has not yet fixed. This allows malware to create malicious links hidden in Facebook notifications to trick users.
In this case, most security tools will be largely ineffective because these websites are templates recently created by hackers, and the malware has tricked users into installing a malicious extension.
Mr. Chien also stated that, in many cases, Facebook will issue a warning when users click on a link outside of Facebook. To be safe, users should carefully check the link before accessing it.
In addition, when browsing the web in general and Facebook in particular, if you encounter requests to install add-ons (extensions), be careful not to accept them. This is because most "clean" websites will not ask users to do so.
In cases where malware has infected and installed add-ons, users should immediately remove any unfamiliar add-ons from their browser. “In some cases, we discovered an add-on called 'Vur' [image-pv] that has already been installed over 4,000 times,” Mr. Chien said.
| The add-on called 'Vur' has now been installed more than 4,000 times (Source: Tran Quang Chien). |
In addition, Mr. Chien also advised users to delete posts that the malware had automatically uploaded and change their passwords immediately. In case of account loss, users can use Facebook's password recovery function to retrieve their account via email or text message.
According to Mr. Chien, to ensure safety and minimize impact on other users, Facebook users should reset their safety settings. Specifically, posts that users are "tagged" in will not automatically appear on their wall; they must be given permission to do so.
According to Vietnamplus
| RELATED NEWS |
|---|



