New Facebook Messenger Malware Can Steal Users' Passwords, Money, Or CPU Power

A new type of malware made its way to Facebook Messenger and it can steal users' account passwords, cryptocurrency funds, or computer processing power.

Facebook Messenger is one of the most widely used messaging platforms worldwide, so this malware could do massive damage on a global scale.

Beware Of This New Facebook Messenger Malware

As cyber-security firm Trend Micro reports, the new Facebook Messenger malware, referred to as FacexWorm, comes as a slightly modified version of an older type of malware first discovered back in August 2017.

The malware spreads through links sent via Facebook Messenger. Upon clicking one of these links, unsuspecting users end up on fake YouTube pages that attempt to trick them into installing an extension for Google Chrome.

If it manages to trick users into adding that malicious YouTube extension, the malware can steal users' passwords and money, or exploit their computer's CPU to mine cryptocurrency. At the same time, it sends YouTube links to other users in the victims' contact list, further spreading the malware.

Cryptocurrency Malware Scam In Facebook Messenger

Since it attempts to steal users' cryptocurrency funds, the malware appears to be aimed at illicit cryptocurrency activity. It also targets cryptocurrency exchanges, aiming to take over legitimate transactions on a trading platform in order to steal users' funds.

As previously mentioned, the malware can also exploit users' CPU power by injecting malicious code into the pages users open on the web. This way, unsuspecting users lend their PC's processing power to mine cryptocurrency without being aware of it.

"[I]t can also steal accounts and credentials of FacexWorm's websites of interest," warns Trend Micro. "It also redirects would-be victims to cryptocurrency scams, injects malicious mining codes on the webpage, redirects to the attacker's referral link for cryptocurrency-related referral programs, and hijacks transactions in trading platforms and web wallets by replacing the recipient address with the attacker's."

Cryptocurrency Transactions Compromised

FacexWorm has already compromised one Bitcoin transaction, Trend Micro found upon checking the wallet and address of the attacker. That is just one confirmed transaction; there could be many others compromised by this malware.

In a nutshell, the FacexWorm malware can steal users' credentials for their Google, Coinhive, and MyMonero accounts, conduct a cryptocurrency scam, engage in malicious cryptocurrency mining by injecting JavaScript miners into web pages, hijack cryptocurrency transactions, and earn money by redirecting users to cryptocurrency referral programs.

How To Stay Safe

The simplest way to avoid falling victim to this malicious scam is to be wary of what links you open in Facebook Messenger. This should be the norm for opening all links on all platforms, as a great deal of malware spreads through malicious links.

In this case, if you receive a suspicious link in Facebook Messenger and it takes you to a YouTube page, asking you to install an extension, do not give it any permission to install anything.
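For anyone who wants to review what is already installed, the following is an added example (not from the article or from Trend Micro's report) that lists Chrome extensions whose manifests grant access to every website, which is the access an extension needs in order to inject code into the pages users open. It assumes the usual `<profile>/Extensions/<id>/<version>/manifest.json` layout; the function names and sample manifests are constructed for illustration.

```python
import json
from pathlib import Path

# Match patterns that let an extension read and modify every page the user opens.
BROAD_PATTERNS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def broad_host_access(manifest: dict) -> list[str]:
    """Return the reasons a manifest grants access to all websites."""
    reasons = []
    # Manifest V2 lists host patterns under "permissions"; V3 uses "host_permissions".
    for key in ("permissions", "host_permissions", "optional_permissions"):
        for perm in manifest.get(key, []):
            if isinstance(perm, str) and perm in BROAD_PATTERNS:
                reasons.append(f"{key}: {perm}")
    # Content scripts are injected into each page that matches "matches".
    for i, script in enumerate(manifest.get("content_scripts", [])):
        for pattern in script.get("matches", []):
            if pattern in BROAD_PATTERNS:
                reasons.append(f"content_scripts[{i}].matches: {pattern}")
    return reasons

def audit_profile(extensions_dir: Path) -> dict[str, list[str]]:
    """Scan <profile>/Extensions/<id>/<version>/manifest.json files."""
    findings = {}
    for manifest_path in sorted(extensions_dir.glob("*/*/manifest.json")):
        try:
            manifest = json.loads(manifest_path.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest; skip it
        reasons = broad_host_access(manifest)
        if reasons:
            ext_id = manifest_path.parent.parent.name
            findings[f"{ext_id} ({manifest.get('name', '?')})"] = reasons
    return findings

# Constructed sample manifests (not taken from any real extension).
SAMPLE_BROAD = {
    "name": "Video helper", "manifest_version": 2,
    "permissions": ["tabs", "<all_urls>"],
    "content_scripts": [{"matches": ["*://*/*"], "js": ["inject.js"]}],
}
SAMPLE_NARROW = {
    "name": "Site notes", "manifest_version": 3,
    "host_permissions": ["https://example.com/*"],
}

if __name__ == "__main__":
    print(broad_host_access(SAMPLE_BROAD))   # two reasons reported
    print(broad_host_access(SAMPLE_NARROW))  # empty list
```

Many legitimate extensions also request access to all sites, so the output is a list of extensions to review and remove if unrecognized, not a verdict.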

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.