Security News Malware Spread via Facebook Makes 10,000 Victims in 48 Hours

Jack

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 24, 2011
9,378
For around 48 hours between June 24 and 27, crooks used Facebook spam messages to distribute malware that hijacked user accounts to carry out operations like giving likes and sharing unwanted content.

malware-spread-via-facebook-makes-10-000-victims-in-48-hours-505969-3.jpg


A security researcher from Russian security firm Kaspersky Lab discovered the campaign, which was spreading among Facebook accounts in the form of a spam message received from a friend that informed users about being mentioned in a comment.


Malware used a two-stage attack scenario
Accessing the link would start the first phase of the two-stage attack, which would secretly download a trojan on the user's computer.

During the second stage, this trojan would download and secretly install an extension in the user's Chrome browser, if found on the infected system.

The Chrome extension would wait until the user tried to access Facebook again, asking him to reauthenticate. At this moment, the extension would log the user's Facebook username and password and send them to the crook's server.

The crook would then take advantage of these credentials and instruct these accounts to give likes and shares to desired content, while also spamming the infected account's friends to spread the malware further.

The crook behind this campaign was most likely selling Facebook Likes and Shares via his botnet of infected devices.

Read more: Malware Spread via Facebook Makes 10,000 Victims in 48 Hours
 
  • Like
Reactions: DardiM, Jrs30, omidomi and 9 others
DardiM

DardiM

Level 26
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
May 14, 2016
1,597
Social Network with large population, an easy way to spread malware :confused:
 
boredog

boredog

Level 9
Verified
Jul 5, 2016
416
hello

since I am new here and was looking at this thread, why is there a big security alert when entering? all I see are links to articles. I know I must be missing something.

update: ok I just got the popup saying if I have less then 100 posts malware download links are hidden. I better get busy then ;)
 
  • Like
Reactions: DardiM
boredog

boredog

Level 9
Verified
Jul 5, 2016
416
how would this malware do against kubuntu? that is what I have on my older sisters computer without any extra protection.
 
jamescv7

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
The problem for Facebook is that, partnership with numerous security companies for campaign against threats became inconsistent at all.

For some reason, the campaign goes effective very well from the first place but seems later on, any threats are easily bypass through Facebook.
 
  • Like
Reactions: DardiM
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Like
Scams & Phishing News Scam-Warning: Fake Trojan alert (here shown via Facebook ads)
Replies
0
Views
1,818
Security News
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • Like
Malware News Over 6,000 WordPress hacked to install plugins pushing infostealers
Replies
1
Views
1,174
Security News
Victor M
Victor M
Gandalf_The_Grey
    • Like
    • +Reputation
    • Wow
Malware News Malware force-installs Chrome extensions on 300,000 browsers, patches DLLs
Replies
13
Views
2,918
Security News
Trident
Trident

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top