Beware Of Windows/Macos/Linux Virus Spreading Through Facebook Messenger

If yous came across whatever Facebook message amongst a video link sent yesteryear anyone, fifty-fifty your friend — but don’t click on it.

Security researchers at Kaspersky Lab convey spotted an ongoing cross-platform drive on Facebook Messenger, where users have a video link that redirects them to a imitation website, luring them to install malicious software.

Although it is yet unclear how the malware spreads, researchers believe spammers are using compromised accounts, hijacked browsers, or clickjacking techniques to spread the malicious link.

The attackers brand purpose of social applied scientific discipline to play a joke on users into clicking the video link, which purports to endure from ane of their Facebook friends, amongst the message that reads "< your friend advert > Video" followed yesteryear a bit.ly link, equally shown.

Here's How this Cross-Platform Malware Works:

The URL redirects victims to a Google MD that displays a dynamically generated video thumbnail, similar a playable movie, based on the sender's images, which if clicked, farther redirects users to around other customised landing page depending upon their browser as well as operating system.

For example, Mozilla Firefox users on Windows are redirected to a website displaying a imitation Flash Player Update notice, as well as and thus offered a Windows executable, which is flagged equally adware software.

Google Chrome users are redirected to a website that masquerades equally YouTube amongst similar YouTube logo, which displays a imitation mistake message popup, tricking victims into downloading a malicious Chrome extension from the Google Web Store.

The extension truly is a downloader that downloads a file of attacker's selection to the victim's computer.

"At the fourth dimension of writing, the file which should convey been downloaded was non available," David Jacoby, a primary safety researcher from Kaspersky Lab, writes inwards a weblog postal service published today.

"One interesting finding is that the Chrome Extension has log files from the developers displaying usernames. It is unclear if this is related to the campaign, but it is yet an amusing slice of information."

Users of Apple Mac OS X Safari ends upward on a spider web page similar to when using Firefox, but it was customised for MacOS users amongst a imitation update for Flash Media Player, which if clicked, downloads an OSX executable .dmg file, which is too adware.

Same inwards illustration of Linux, user redirects to around other landing page designed for Linux users.

The attackers behind the drive are non truly infecting users of all platform amongst whatever banking Trojan or exploit kits, but amongst adware to brand a lot of coin yesteryear generating revenue from ads.

Spam campaigns on Facebook are quite common. H5N1 few years ago, researchers flora cyber criminals using boobytrapped .JPG image files to enshroud their malware inwards gild to infect Facebook users amongst variants of the Locky ransomware, which encrypts all files on the infected PC until a ransom is paid.

To continue yourself safe, yous are advised non to teach curious to await at images or video links sent yesteryear anyone, fifty-fifty your friend, without verifying it amongst them, as well as ever continue your antivirus software up-to-date.

Share This :