Facebook malware targets over 10,000 users with a "notification"

Thousands of users have been infected past a Facebook malware that tries to accept over a user'south business relationship. This latest phishing scheme works in 2 parts, starting from a usual Facebook notification. Click on this notification, and the phishing scam will launch a ii-stage assault on your account.

Facebook malware infects users with a simple "tag"

Receiving a Facebook notification informing you of a mention by a friend is almost a norm, and we never retrieve twice before clicking on it. That simple activity can now pb to a lot more just a stupid video share past a friend as cyber criminals are using it to target users.

Facebook is one of the pinnacle social media networks that is used by billions around the globe. Similar to all the other pop platforms, Facebook's fame also makes it an attractive target for criminals to run malicious campaigns. In i of these campaigns, criminals have launched a two stage attack that starts when a user clicks on the mention. "A malicious file seized control of their browsers, terminating their legitimate browser session and replacing it with a malicious one that included a tab to the legitimate Facebook login page. This was designed to lure the victim back into the social network site," researchers at Kaspersky warned in a blog post.

Facebook Malware

Once the user logs dorsum into Facebook, the victim's session was hijacked and a new malware file was downloaded. This malware file was coded to alter privacy settings, and included account-takeover and account-information extractor scripts, that could be used for further malicious activities. Identity theft, spam, fraudulent likes and shares, and more such could be initiated once an account is stealthily taken over. Earlier all this, yet, the malware starts working past sending the same phishing notification to all the victim's friends. Yes, nosotros are back to those old malware tactics.

Kaspersky Lab was informed of this phishing scam on June 26th, and during their investigation found over ten,000 victims in the infinite of the next 48 hours. The assail was unleashed on Facebook users globally, with nigh affected in Brazil, Poland, Peru, Israel, and Mexico.

Confirm if you were a victim of this Facebook malware scam

Open Chrome on your Windows device
Expect for the extension named thnudoaitawxjvuGB

Or,

Get to Beginning Run >
Copy and run this control
- %AppData%\Mozila
Expect for folders and files like, "autoit.exe" and "ekl.au3"

If you find these files, your estimator is most likely infected.

Facebook has now stock-still this threat, and "is blocking techniques used to spread malware from infected computers." Google has also removed the extensions from its Chrome Web Store which was used to launch these attacks. The malware affected users on Windows operating system and possibly on Windows Mobile devices besides. Researchers said that iOS and Android were totally allowed to this attack considering the malware libraries weren't compatible with these mobile operating systems.