10,000 users fall victim to malware via Facebook message
MANILA, Philippines — A malware attack tricked around 10,000 Facebook users whose devices were infected after receiving a message from a friend claiming to have mentioned them.
According to software security company Kaspersky Lab, compromised devices were used to hijack Facebook accounts to spread the infection through the victim's own Facebook friends and to enable other malicious activity. Countries in South America, Europe, Tunisia and Israel were hardest hit.
From June 24 to 27, thousands of unsuspecting consumers received a message from a Facebook friend saying they were mentioned in a comment. The message, however, was the bait for a two-stage attack.
The first stage would download a Trojan virus onto the user’s computer that installed a Chrome browser extension. The browser feature enabled the second stage—the takeover of the victim’s Facebook account.
A successful attack gave the threat actor the ability to change privacy settings and extract data, allowing it to spread the infection through the victim’s Facebook friends or push spam, carry out identity theft and generate fraudulent "likes" and "shares."
The malware would to protect itself by blacklisting access to certain websites, such as those belonging to security software vendors.
People using Windows-based computers to access Facebook were at the greatest risk, while those using Windows OS phones were also somewhat at risk. Android and iOS mobile devices were immune since the malware used libraries which are not compatible with the systems.
Facebook, meanwhile, tried to address the issue by blocking techniques used to spread malware from infected computers. The social networking company said it has not observed any further infection attempts.
Google has also taken measures by removing the suspicious Chrome extension used to track users' Facebook access.
Kaspersky Lab advised users who think they might have been infected to run a software malware scan and deleted unexpected extensions from their Chrome browsers.
"If these are present they should log out of their Facebook account, close the browser and disconnect the network cable from their computer. Get a professional to check for and clean away the malware," the software security firm said. — Philstar.com
