Facebook Comment Tagging Malware Spreading via Google Chrome

Facebook is undoubtedly the most used social media around the world and that’s what makes it an attractive target for cybercriminals as now and then user complain about their account being compromised due to phishing or malware scam.

Given all these worries about security, something like the Story Viewer from Views4You comes in handy. It’s a safer way for folks to check out content without having to click on sketchy links or deal with accounts that might have been hacked. Using tools like this lets people stay updated with social media. They can be part of the big online community without facing online risks. Smart surfing keeps your info safe and web time fun and stress-free.

Currently, a malware scam is infecting Facebook users in which they receive a notification in the messenger app and/or in their email about a friend tagging in a comment, upon clicking the link, malware is downloaded on their device. Though just downloading it won’t infect your device users who are not aware of how scammers target people may click the downloaded file and infect their devices.

This malware is mostly targeting Chrome users. It is yet unclear if Firefox or other browsers are affected by the scam or not. One possibility is that users receiving such notifications have had one of their friends hacked and crooks are using their browser to target other contacts.

Here is an exclusive screenshot shared by one of our friends showing a JavaScript encoded script file which was downloaded once on their device:

beware-widspreading-facebook-comment-tagging-virus-2
If downloaded delete this file asap and avoid executing it

The malware scam is currently under discussion on the Stack Exchange where the victim has been stating their experience after being tricked into downloading the infected files. According to one of the analysts in the discussion, the researcher said that:

“This is a typical obfuscated JavaScript malware which targets the Windows Script Host to download the rest of the payload. In this case, it downloads what appears to be mainly a Chrome Extension (manifest.json and bg.js), the autoit Windows executable, and some autoit scripts which likely include some form of ransomware. All of these files are named with .jpg extensions on the (likely-compromised) server they are hosted, to be less conspicuous.”

This is not the first time that cybercriminals have used Chrome browser to infect and compromise users. In the past, there were several cases in which Chrome was negatively used such as 1: fake Google Chrome update leading to Android malware stealing personal data (click here for more details), 2: Hackers transforming malware into Chrome lookalike browser and infecting users (click here for more details), 3: Facebook being hit with a malware disguising as Google Chrome video installer (click here for more details), 4: Fake Google Chrome update leading to dangerous CTB Locker/Critroni ransomware (click here for more details).

If you witness any phishing or malware scam on Facebook click here to report it and stop cybercriminals from stealing your data.

Total
0
Shares
Related Posts