Malware infection spreads to Facebook users via Google Chrome

ByMkhmarketing

Social media is used as a new community tool for many people, but cybercriminals can infect users with malware or target phishing scams via these platforms. As cyber crime aimed at users of SNS rampant, new kinds of malware infecting users using Facebook via Google Chrome have been discoveredHackreadIt is reported by.

Facebook 'Comment Tagging Malware' Spreading via Google Chrome
https://www.hackread.com/facebook-comment-tagging-malware-google-chrome/


Facebook malware spreading to users via Google Chrome
https://www.neowin.net/news/facebook-malware-spreading-to-users-via-google-chrome

The new malware that spreads among Facebook users is called "comment tag malware". This is because if you send a notification saying "Your friend has commented on a post tagged by himself" to Facebook users and clicking on the sent link, malware will automatically be sent to your PC or smartphone It will be downloaded. While it is downloading, it seems that the terminal has not been infected with malware, but it seems that it will be infected with malware when the download is completed.

Malware targets Google Chrome users, that is, users using Facebook with Google Chrome. However, it is currently unknown whether users using browsers other than Chrome such as Firefox will be infected with malware.

The malware that is downloaded unnoticed by a hacker is a script written in JavaScript, which seems to be a script for downloading and executing the executable file "autoit.exe".


This malware is a Q & A site "Stack Exchange"Security related page ofA questionThose whose existence became clear. One of security-related analysts said, "This isWindows Script HostIt's a typical JavaScript malware that tries to download the rest of the payload using the. " The JavaScript file downloaded by clicking the link seems to have downloaded "manifest.json" or "bg.js" which is the configuration file of Chrome extension. And it is believed that "autoit.exe" in the executable file also includes Ransomware.

In addition, it seems that all the files downloaded by executing "autoit.exe" are disguised as ".jpg" file.