The Facebook virus is back in action

Facebook virus is back

Beware! World’s largest social network is suffering from a new wave of Facebook Messenger virus. This cyber threat has already reached thousands of users and, obviously, left them under a real stress after starting posting spammy messages to their friends.[3]

The exact number of people who have been affected is still unclear. However, researchers estimate that there could be almost a million of people who have been involved into the attack.

In the beginning, Facebook virus was far away from a critical security threat as its main functionality was based only on spammy links sent to victim’s friends. However, now it is believed to be capable of affecting all operating systems and infecting them with adware-type malware.[2]

Malware has gone cross-platform

It’s obvious that the virus got a significant improvement in the middle of August 2017. Previously, the primary targets of Facebook malware were Windows-based machines, without any concern towards Mac OS X or even Linux OS users. This time, criminals present the cross-platform malware which has no boundaries.

The latest variant of the virus is designed to target not only Mac users but also different versions of Linux OS.[1] This is a really concerning concept, as Linux is deemed to be one of the most secure platforms. 

The Facebook virus spreads via Messenger app

The main way used by virus iterations remains the same – Facebook Messenger. Despite the fact that it is still unclear how did this virus start its malicious deeds, researchers believe spammers use compromised accounts or hijacked browsers to spread the malicious link.

The attackers have also been using social engineering techniques to trick users into clicking a link which seems like it came from one of their Facebook friends. The innocent message claims that it is your friend’s video and is usually followed by a shortened link.

Upon clicking the link, you get redirected to a Google doc that displays a dynamically generated thumbnail, making it seem like it is an actual video. If the victim clicks on the video, he or she gets redirected to another page. This site is based on their operating system and browser of their choice.

The fraudulent website then displays a fake pop-up, tricking users into downloading the malicious extension[4] or a file. The extension can either generate more ads or continue spreading through victims friends list.

It is strongly advised to avoid clicking links sent by anyone on Facebook without verifying them first. It doesn’t matter if the sender is your old friend or someone you barely know, you should always double-check the information before opening unknown video links.

Ugnius Kiguolis