Malicious links appear as a video post you were tagged in on a timeline, or as a message sent to you via Facebook Messenger by a friend. They use the titles, 'My first video', 'My video', 'Private video' or a string of randomly generated characters.
Clicking on the link tells you that a plugin is needed in order to play the video. If this is installed your Facebook wall will be flooded with fake video posts tagging various friends. The malware has other functions though, it can add friends, create Facebook pages, share, edit or hide posts or unfollow them -- though ESET says these features are not yet active.
At the moment the malware only targets Chrome users but there's no guarantee it won't spread to other browsers in future. The company has detected the threat more than 10,000 times in the past week and users around the world have been infected.
Writing on the ESET blog, malware analyst Lukas Stefanko says, "At this very moment, the malicious campaign is spreading spam messages and infecting Facebook accounts with a very high rate of success. However, it has potential to become more dangerous in the future, spreading other, more powerful malware with new capabilities".
The blog includes more information on the infection along with details on how to remove it.
Photo credit: dolphfyn / Shutterstock
~ Ian Barker
0 comments:
Post a Comment