Malware Served Through Innocuous-Appearing Image Files on Facebook

Security researcher Bart Blaze has just detected one fresh piece of malware disseminating on Facebook, piggy backing on innocuous-appearing image files so as to contaminate people's PCs.

The malware looks like .SVG pictorial files distributed from hijacked A/Cs on Facebook. These kind of files easily take in embedded material such as JavaScript while are facilitated with opening inside any contemporary Web-browser. Neowin.net posted this online dated November 21, 2016.

Being a comparatively modern form of file, .SVG files provide ample opportunity for experimenting to hackers as they would encounter the latest filtering mechanisms. Further according to Bleeping Computer's report, because the files are XML-based as well as let dynamic material, they're well-known for serving malevolent JavaScript implanted straight into the image. Thereafter, when the image is clicked it diverts the user onto one fake YouTube website. The item on the fake YouTube, naturally not a real video, demands that the user include one codec for watching the film through Chrome browser.

The malware actually a ransomware makes the extension for running it allow reading as well as modifying the entire database of the user on the different portals he visits.

Blaze explains that the extension further disseminates the ransom software across Facebook by hijacking the victim's A/C. Simultaneously, the tainted extension of Google's Web-browser Chrome is cleared off its existence.

In the meantime, like always, users mustn't view unsolicited messages whether inside SMS, e-mail client or Facebook Messenger like it happened some days back when phishing attacks distributed phony Apple ID via text messages. Malicious software attacking Facebook isn't anything unknown. And so with cyber miscreants making great effort for duping end-users in various ways, adopting an additional measure for maintaining safety and security of one's self and others could fetch benefit even over the long run.

Effectively the problem impacted only a few end-users, while in case Facebook feels any suspicious activity within any user's account, the company will notify that person when he next logs in. Facebook assured that it would continuously enhance its systems for making sure that people kept on enjoying safe browsing on its website.

» SPAMfighter News - 11/24/2016