Hackers using new Facebook Messenger scam to carry out ransomware attacks


Cyber criminals have been using a Facebook Messenger scam to steal private data from users.

The scam has spread on Facebook via a link sent from infected accounts.

The link, which looks like a photo saved in the SVG image format, is actually a malicious file and when unsuspecting users click on it they are taken to a fake version of YouTube where they are then asked to install a Google Chrome extension in order to watch the video.

Once the Chrome extension has been installed it can read, record and change any data the user has entered into a website – including users and passwords.

The malware is particularly effective because once installed it does not appear on the Google Chrome toolbar and can be used to harvest financial information and login details to online banking, the details of which are then sent back to a server belonging to the cyber criminals.

If that wasn’t bad enough, the extension then hijacks the victim’s Facebook account and send the link to all of their friends in order to try and spread the malware.

Bart Parys from the Blaze Security Blog who first reported the scam said it could be used to carry out ransomware attacks, whereby hackers encrypt all the victim’s files and data on their computer, only making it accessible when they have paid a ransom.

Parys also confirmed that Facebook has begun taking action against the scam and preventing ways that had allowed the malware to spread across the social network.

Facebook later confirmed it is aware of the scam and is taking action against it.

“We maintain a number of automated systems to help stop harmful links and files from appearing on Facebook,” said a spokesperson for the company.

“We are already blocking these ones from our platform, and we have reported the bad browser extensions to the appropriate parties.”

In his blog, Parys advises users about clicking on links or opening file attachments, even if they appear to have been sent from a friend. He also said users should make sure they have antivirus software installed on their device.

Finally, Parys recommended users create a strong password and never use the same password on more than one online account.

Sound advice we say.

Source: Theatre Post


Comments are closed.