Malware Mining Crypto-Currency is Targeting Users of Facebook Messenger

According to security researchers, a malware that mines crypto-currency is trying to exploit users of Facebook Messenger. The attack campaign is targeting end-users within a number of countries to deliver Digmine a fresh malware strain which plants one miner for Monero crypto-currency along with one malevolent Chrome extension that assists the malware to spread onto new victims.

Facebook Messenger the authorized messaging platform of Facebook is the medium through which Digmine proliferates in the guise of one video clip- video_xxxx.zip, says Trend Micro the cyber-security firm. The malware infects end-users when they attempt at viewing the video. And when end-users open the Chrome extension the malware gets to enter the FB profile of those people and then dispatch private missives along with malicious program into the contact addresses of the victims. Gizmodo.com posted this, December 21, 2017.

Trend Micro further states, the malevolent bot affects end-users merely when they access it via Chrome's desktop version. However, viewing the malicious file via any application on a mobile-phone doesn't infect the device.

The Chrome extension when uses the self-propagating system finds it workable solely after Chrome logs in end-users automatically inside their FB A/Cs. For an end-user who doesn't have his Facebook log-in details stored inside Chrome, there will be no function of the extension.

It has been found that attackers are abandoning .exe files, implying they're merely targeting Windows owners and not Mac or Linux computers. Apparently, the campaign first targeted end-users within South Korea, however, from then it has disseminated to Ukraine, Azerbaijan, Vietnam, Venezuela, Thailand and the Philippines.

In the wake of the attack, Facebook stated that it maintained several automated systems for aiding in halting the appearance of malicious web-links and other destructive files on FB and Messenger. The company promised to provide one non-chargeable anti-virus scan to end-user, whose PCs it may suspect to be infected.

For all-time safety, on receipt of any web-links, users need to handle them cautiously no matter whether they're from known persons. Whilst crypto-currency stealing malware isn't new being into existence since years, it's witnessing ever more attention with the explosion of the crypto-currency business.

» SPAMfighter News - 12/29/2017