Dangerous malware appears spreading via Facebook Messenger
Recently, Trend Micro security experts warned users about a new type of malware spreading through Facebook Messenger, aiming to steal login information.
The new malware is called FacexWorm, which operates as an extension on the Google Chrome browser. The new version of FacexWorm has just been integrated with a number of features to steal account information from websites such as Google, cryptocurrency trading sites, redirect victims to malicious websites, and exploit device hardware to mine cryptocurrency...
 |
This isn’t the first malware to exploit Facebook Messenger for distribution. Late last year, Trend Micro researchers also discovered a Monero mining bot, called Digmine, spreading via Facebook Messenger and targeting Windows users.
Accordingly, cybercriminals will take advantage of hacked Facebook accounts, using them to send malicious links to others via Messenger. When clicked, you will be redirected to fake video streaming websites with interfaces identical to YouTube, Vimeo... and require installing additional extensions to watch videos. Note, the FacexWorm extension only targets Google Chrome users, so if you open the link using another browser, the malware will redirect to a regular advertising page.
 |
“FacexWorm will download multiple modules, receiving control commands from the server when the browser is opened,” the researchers said. The malware can access or modify any data on the websites that the user opens. To avoid detection or removal, FacexWorm will immediately close the opened tab when it detects that the user is opening the extension management page on Google Chrome.
So far, researchers at Trend Micro have found that FacexWorm has compromised at least one Bitcoin transaction (worth $2.49), but they don't know how much money the attackers have made from the malicious sites. The FacexWorm malware has been found in Germany, Tunisia, Japan, Taiwan, South Korea, and Spain. However, given the popularity of Facebook Messenger, it's likely that FacexWorm will spread quickly across the globe.
Google has now removed the malicious extension from the Chrome Store before Trend Micro researchers issued a warning. Therefore, to be safer when using Facebook, users should limit clicking on malicious links, even if they are sent by friends or relatives.
If you find it useful, don't forget to share the article with others or leave a comment if you encounter any problems while using it.
.jpg "Câu chuyện 'người một like'")
