x
advertisement
Filtered By: Hashtag
Hashtag

New malware hijacks social media accounts


A new malware threatens to hijack Facebook, Google+ and Twitter accounts, but only if the prospective victims are using specific browsers.
 
Security vendor Trend Micro said the malware particularly targets users of Google's Chrome and Mozilla's Firefox by posing as an extension for the two open-source browsers.
 
"To install these fake extensions, users would see various lures on social media sites to try to get users to install a fake video player update. In reality, this player update is a malicious file detected as TROJ_FEBUSER.AA, installs a browser plugin depending on the browser currently being used," it said in a blog post.
 
In the case of Chrome, Trend Micro said one version detected as JS_FEBUSER.AA claims to be "Chrome Service Pack 5.0.0." For Firefox, the fake plugin is "Mozilla Service Pack 5.0."
 
While Google has since flagged this plugin as malicious, there is an updated version posing as "F-Secure Security Pack 6.1.0 (for Google Chrome) and F-Secure Security Pack 6.1 (for Mozilla Firefox)."
 
Making the malware more dangerous is that the fake video player update is digitally signed, which means potential victims can "trust" the file as legitimate and harmless.
 
"Once installed, it connects to a malicious URL to download a configuration file. It uses the details on that configuration file to hijack the user’s social media accounts and perform (some) actions, without any authorization from the user," it said.
 
These actions include:
 
  • Like pages
  • Share posts
  • Join a group
  • Invite friends to a group
  • Chat with friends
  • Post comments
  • Update status
 
"Because of this, in effect, the attackers are able to hijack the accounts of the users and could, for example, use them to spread links to other malicious sites," Trend Micro said.
 
Trend Micro reminded users to always be aware and vigilant of such scams.
 
"Cybercriminals are getting better at making their lures much more convincing, even resorting to abusing legitimate services and users in order to appear legitimate," it said.
 
Meanwhile, a separate article on The Next Web said the malware "doesn’t adapt itself to Internet Explorer, Safari, nor Opera." — TJD, GMA News
Tags: malware, socialmedia, hacking
Most Popular