Social Media Accounts of Specific Web-Browsers Being Hijacked by New Malware

A new malware terrorizes to compromise the social networking accounts of users who are using definite web browsers, according to warning issued by Trend Micro.

The security firm said that the malware specially hits users of Google Chrome and Mozilla's Firefox by pretending as an extension of the two well known open-source browsers.

To install these bogus extensions, users would see a variety of lures on social networking sites that try to get them to install a bogus video player update. In actuality, the supposed player update is a malevolent file, detected as TROJ_FEBUSER.AA. This Trojan installs a browser plugin that depends on the browser that's currently being used by the victim.

One variant detected by Trend Micro as JS_FEBUSER.AA asserts to be "Chrome Service Pack 5.0.0", in case of Chrome. And for, Firefox, the bogus plug-in is named "Mozilla Service Pack 5.0."

Although Google has flagged this plug-in as nasty, there's an upgraded version pretending to be "F-Secure Security Pack 6.1.0 (for Chrome) and F-Secure Security Pack 6.1(for Firefox).

Once installed, the malware calls to download a configuration file which includes details to compromise the user's social media site's accounts and then it can perform the following actions without any knowledge of the actual user: Like pages, sharing posts, joining a group, inviting friends and chat with them, post comments and update statuses.

This threat tries to perform the above actions on three different social networks i.e. Facebook, Google+ and Twitter. Due to this effect, the hackers are able to compromise accounts of users and employ them to distribute links to other tainted websites.

It has been observed that the update of fake video player is digitally signed.

The developers and publishers use digital signatures to prove that the file has come from them and it is not modified. Victims may acknowledge this file as one that's legitimate and harmless.

Users are always reminded to be conscious and alert of such online scams. However, Trend Micro concludes that cyber crooks are becoming better in convincing and luring users by resorting to exploiting legitimate web services in an attempt to appear legitimate.

» SPAMfighter News - 8/5/2013