Microsoft warns of new Trojan hijacking Facebook accounts

Malware focusing on the social network's users in Brazil masquerades as a legitimate Google Chrome extension and Firefox add-on.

Microsoft has issued a warning that a new piece of malware masquerading as a Google Chrome extension and Firefox add-on is making the rounds, threatening to hijack Facebook accounts

First detected in Brazil, Trojan:JS/Febipos.A attempts to keep itself updated, just like normal, legitimate browser extensions, Microsoft noted in a security bulletin late Friday.

Once downloaded, the Trojan monitors whether the infected computer is logged into a Facebook account and attempts to download a config file that will includes a list of commands for the browser extension. The malware can then perform a variety of Facebook actions, including liking a page, sharing, posting, joining a group, and chatting with the account holder's friends.

Some variants of the malware include commands to post provocative messages written in Portuguese that contain links to other Facebook pages. The number of likes and shares on one such page grew while malware experts at Microsoft were analyzing the Trojan, suggesting that the infections are continuing to occur.

Microsoft did not indicate how the malware installs itself or how many infections might have occurred.

There may be more to this threat because it can change its messages, URLs, Facebook pages and other activity at any time. In any case, we recommend you always keep your security products updated with the latest definitions to help avoid infection.

So while the malware appears to be designed to target users in Brazil -- where Portuguese is the dominant language -- Microsoft concluded that the Trojan could easily be modified to target users in other regions.

(Via The Next Web)

 

Join the discussion

Conversation powered by Livefyre

Don't Miss
Hot Products
Trending on CNET

HOT ON CNET

Find Your Tech Type

Take our tech personality quiz and enter for a chance to win* high-tech specs!