Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

Malicious Chrome Extensions Targeting Facebook

Researchers from Kaspersky Lab have found examples of malicious Chrome applications targeting Facebook users in Brazil. The attack use several methods to entice users to install the malware, and despite Google’s best efforts, the criminals behind the attack keep getting new variants into the Chrome Web Store.

Researchers from Kaspersky Lab have found examples of malicious Chrome applications targeting Facebook users in Brazil. The attack use several methods to entice users to install the malware, and despite Google’s best efforts, the criminals behind the attack keep getting new variants into the Chrome Web Store.

Facebook ScamsKaspersky says that from what they’ve observed, the attack is likely motivated by the numbers game, because in Brazil Chrome is the most popular browser, and Facebook is the number one social networking platform. The attacks are spreading via malicious extensions, some of them hosted in the Chrome Web Store.

So far, applications related to changing the color of a user’s profile, monitoring who is viewing their profile, and learning “how to remove the virus from your Facebook profile” are just some of the themes used in what Kaspersky calls a massive attack.

“The malicious extension presents itself as Adobe Flash Player,” Kaspersky’s Fabio Assolini explained in a blog post. “After installation, the malicious extension can gain complete control of the victim’s profile…”

The script file allows complete control over the victim’s Facebook profile, leading to malicious wall posts and forced Likes. The Likes appear to be the main goal of the attack, as the criminals behind it are selling them to companies looking to boost brand awareness.

Written By

Click to comment

Expert Insights

Related Content

Nation-State

The North Korean APT tracked as TA444 is either moonlighting from its previous primary purpose, expanding its attack repertoire, or is being impersonated by...

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Malware & Threats

Norway‎-based DNV said a ransomware attack on its ship management software impacted 1,000 vessels.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Phishing

The Single Most Important Part of Dealing with a Phishing Attack is Preparing for the Attack Before it Actually Happens.

Cyberwarfare

The UK’s NCSC has issued a security advisory to warn about spearphishing campaigns conducted by two unrelated Russian and Iranian hacker groups.

Malware & Threats

Cybercrime in 2017 was a tumultuous year "full of twists and turns", with new (but old) infection methods, a major return to social engineering,...

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.