Facebook Messenger Malware FacexWorm Steals Passwords and Mines for Cryptocurrency
Facebook Messenger, a feature included within the popular social media network, has grown to become a widely-used platform for friends and loved ones to instantly communicate with one another. According to Kim Komando, over 1.2 billion people use Facebook Messenger today. And now cybercriminals are using it to communicate their latest phishing scheme to innocent users, as crooks are sending messages that are laced with FacexWorm malware via Facebook Messenger.
Aptly named, FacexWorm is a nasty strain that directs victims to fake versions of websites, such as YouTube, and then asks they download a Chrome extension in order to play a video’s content. No shocker here, but the extension is malicious, and actually installs FacexWorm instead, which can then steal account credentials from selected websites, including Google and cryptocurrency websites. What’s more, the malware variant can also hijack traffic from cryptocurrency trading platforms and steal funds, as well as crypto-jack a device by injecting malicious crypto-mining code on a webpage.
Unfortunately, the worm has found a way to wiggle from device to device as well, as it leverages a command-and-control server to access an infected user’s Facebook and multiply the amount of fake YouTube links. These links are then sent to the user’s contacts in order to further spread FacexWorm. If the link is sent to a user who isn’t using Google Chrome, the link instead redirects to a random advert.
With FacexWorm slithering its way through Facebook accounts, what can users of the popular platform do to fight back against the malware? For starters, you can follow these security pointers:
- Be careful what you click on. Be sure to only click on links from a trusted source. Even then, if the content coming from a friend seems strange or out of character, it’s best to remain wary and avoid interacting with the message entirely.
- Change your account login info immediately. Since one of FacexWorm’s main goals is to steal credentials to crucial sites, it’s important you change up your login to your Google account, any cryptocurrency accounts, and others you think may be affected by this attack. Be sure to make your next password strong and complex, so it will be hard for cybercriminals to crack.
- Stay secure while you browse. Sometimes it’s hard to identify if an email or social media message is coming from a cybercriminal. Add an extra layer of security to your browser and surf the web safely by utilizing McAfee WebAdvisor.
The post Facebook Messenger Malware FacexWorm Steals Passwords and Mines for Cryptocurrency appeared first on McAfee Blogs.
More antivirus and malware news?
- Cisco Video Communications Server CVE-2011-2538 Unspecified Remote Command Execution Vulnerability
- The man accused of hacking into celebrity iCloud accounts and stealing naked photos has agreed to plead guilty
- WhatsApp issues 24 hour ban for WhatsApp Plus users
- Pod2g: If Apple Releases iOS 6.2 We’ll Jailbreak It
- Mail-Order STD Tests Make Sharing Results as Easy as Sending a Snap
- No, you can’t get Verizon Unlimited free for 12 months
- Cybercrime kingpins are winning the online security arms race
- Police chief: There’s a “reasonably good chance” not much is on seized iPhone
- Iranian Official Denies Plans to Interfere With US Election
- Scheduled Maintenance – Code upgrade Video Conference LAN switches