New malware targeting Facebook users has been spotted by security researchers at Kaspersky Lab. According to the researchers' new report, there have been 10,000 victims in two days.
The malware has two stages. First, an unsuspecting victim gets a message from a Facebook friend saying the friend had mentioned them in a comment. When the victim clicks to see the comment, they instead download a bundle of malware, including a Chrome add-on that can take over the victim's Facebook account once they log back in.
After that, anything is possible, including changes to privacy settings, data extraction, and so on. The victim's account is also used to keep spreading the message, as well as to gather fraudulent likes and shares. The malware protects itself by trying to blacklist antivirus sites.
In two days, between 24th and 27th June, 10,000 people were infected. Brazil was hit hardest, with 37 per cent of cases. The country is followed by Poland, Peru, Colombia, Mexico, Ecuador, Greece, Portugal, Tunisia, Venezuela, Germany and Israel.
“Two aspects of this attack stand out. Firstly, the delivery of the malware was extremely efficient, reaching thousands of users in only 48 hours. Secondly, the response from consumers and the media was almost as fast. Their reaction raised awareness of the campaign and drove prompt action and investigation by the providers concerned,” said Ido Naor, Senior Security Researcher, Global Research and Analysis Team, Kaspersky Lab.
Kaspersky Lab urges all Facebook users to stay safe by keeping antivirus software installed and thinking twice before opening any links or attachments, even if they are from a friend.