Video with Malware Hijacks Users Facebook Accounts and Web Browsers
New York Times Bits Technology blogged on 26th August 2013 quoting a set of Italian security experts as saying "a malicious software masquerading as a video of Facebook which is hijacking user's Facebook accounts and Web browsers."
New York Times Bits technology blog published a report on 26th August 2013 quoting one of the researcher Carlo de Micheli as saying "The malware emerges as a link in an email or Facebook message informing people that they have been tagged in a Facebook post and when users go to Facebook and click the link, they are redirected to a different website and are provoked to download an extension of browser or plugin to watch a video."
Obviously there's no video but Internauts who download the desired extension are in reality installing a malware which is capable of compromising their Chrome browser. Many Internauts give permission to their browsers to stockpile login details for their accounts pertaining to email, social networking media and other Internet accounts and hence this attack is particularly troubling them because once the malicious software obtains control of user's Chrome browser, the cybercriminals can leverage any testimonials stored inside the browser and can access the accounts of Internauts.
Micheli said that the malicious software is growing by compromising the Facebook and to a smaller extent, email accounts of its sufferers and phish the innocent contacts of the victim with messages alike to those that caused their contamination in the very first place. Threatpost.com published a report on 30th August 2013 stating that the malware is difficult to be toned down as it blocks the page of Chrome setting where users could uninstall the tainted plugin and it also blocks accessibility to the websites of different antivirus (AV) providers.
De Micheli said that so far 800,000 users of Google Chrome are already affected and he has been observing 40,000 attacks per hour.
With reference to Google's reaction, a Google's Spokesperson commented that when we discover items including malware or find out regarding them through reports, we remove them from the Chrome Store and Chrome instances. We've already removed several felonious extensions and are enduring to improve our automated systems to identify them faster", reported infosecurity-magazine.com on August 29, 2013.
» SPAMfighter News - 07-09-2013