Malware News Facebook malware disguises itself as an image file to download more malware

Exterminator

A new strain of malware has recently been discovered spreading on Facebook, taking advantage of innocent-looking image files to infect computers.

Discovered by Bart Blaze, a security researcher, the malware takes the form of .SVG image files, which are sent from compromised Facebook accounts. SVG image files, unlike other common file types, have the ability to contain embedded content like JavaScript, and can be opened in a modern browser.

With the malicious item in question, clicking on the image redirects the user to a website posing as YouTube. While it might not immediately raise red flags upon entering the fake website, the page will then ask the user to download a certain codec extension in Google Chrome in order to view the video, a very typical modus of malware creators.

Installing the purported extension will give it the capability to alter users' data regarding websites they visit. According to Blaze, the extension will also spread the malware further on Facebook, compromising the victim's account.
To make things worse, Peter Kruse, a colleague of Blaze, further noted that in another instance, the image file contained the Nemucod downloader, which then downloaded a copy of Locky ransomware.

It is not known how the SVG files bypassed Facebook's file extension filter, which only accepts a set number of extensions, but Facebook's security team has been reportedly notified of the exploit. The malicious Chrome extension has also been removed.

As per usual, it pays to be wary of what we click on the internet, as it may lead us to websites that could possibly compromise our data and identity. Malware on Facebook is nothing new, with cybercriminals trying hard to fool its users through various methods, so taking an extra step in keeping yourself and others protected can go a long way.

Source and Images: Bart Blaze via Help Net Security
 

jamescv7

With the powerful concept of steganography, many security tools ignore it upon detection since the attacks are so minimal.

However, the problem arises where the strains of threats are more obfuscated, which makes security products delay on processing.
 