Skip to main content

Facebook virus that steals passwords multiplying at a rate of 40,000 cases per hour

A Facebook virus masquerading as a video message when it actually steals passwords has affected as many as 800,000 users and is spreading at a rate of 40,000 attacks an hour.

The New York Times reports the malicious software can hijack Facebook accounts as well as web browsers and starts to attack once a user has clicked on the message that will appear as though it has come from a Facebook friend.

Carlo De Micheli, an Italian security researcher, said the malware works by sending a link in a Facebook message or email saying the user has been tagged in a post on the social networking site. Once the user goes to Facebook and clicks the link they are directed to another site when their browser will prompt them to download an extension or plug-in to watch the video.

When the extension or plug-in is installed on the computer it has access to anything stored in the browser including any accounts that have saved passwords – something that is increasingly common among Internet users.

Google Chrome and Facebook are the two systems that have been compromised the most with both working to stop users clicking on the links.

“We have been blocking people from clicking through the links and have reported the bad browser extensions to the appropriate parties. We believe only a small percentage of our users were affected by this issue, and we are currently working with them to ensure that they’ve removed the bad browser extension,” Michael Kirkland, a Facebook spokesman, said in a statement to the New York Times.

Google, meanwhile, commented that they have “already removed several of these extensions” and are improving their systems so that in future they can be detected even faster.

Di Micheli added that the comments embedded in the software indicate the attack was born out of Turkey and the creator had already changed the software so that it can also attack Mozilla Firefox browser users.

The fact the plug-in can access anything stored in a browser will be worrying for Google Chrome users as it was revealed this month that Chrome stores passwords automatically and this virus would be able to access those passwords.

Image Credit: Flickr (Robert Scoble)