Microsoft warns users about new malicious with Google Chrome extension and Firefox add-on that can Hijack Facebook accounts

Microsoft has Found a new piece of malware in the form of a Google Chrome extension and Firefox add-on that can Hijack your Facebook accounts. It does not appear that there are equivalent plugins for Internet Explorer or Safari.

The threat, detected by Microsoft as Trojan:JS/Febipos.A, was first found making the rounds in Brazil. Like other browser plugins, it attempts to keep itself updated with the latest instructions from its malware authors. Microsoft recommends that you download the latest definitions to get protected.

The Trojan in question checks to see if the current user is logged-in to Facebook or not. If you are, it attempts to download a configuration file that includes a list of commands. Depending on the file, Microsoft has found the malware is capable of doing any of the following with the user’s

Facebook profile:

  1. Like a page
  2. share content
  3. post on people’s profiles
  4. comment on other posts
  5. join a group
  6. invite friends to a group
  7. chat with friends.

Microsoft monitored a Facebook Page that the plugin often posted on and noticed that its Likes and comments increased, suggesting that users are actively installing these plugins. It’s not clear how criminals are getting users to install them, but they are likely using basic social engineering tactics employed in email and social networking spam.

Here is what Microsoft concludes in its analysis:

There may be more to this threat because it can change its messages, URLs, Facebook pages and other activity at any time. In any case, we recommend you always keep your security products updated with the latest definitions to help avoid infection.

In other words, while the threat seems to be currently focused on targeting Facebook users in Brazil (its messages are all written in Brazilian Portuguese), it’s easy to see how the threat could be modified to target more users. The fact that it uses a configuration file shows that the criminals specifically designed it to be modular.

The good news here is that this malware currently isn’t widespread. Nevertheless, you should make a point to only install browser extensions and add-ons from trusted sources such as the Chrome Web Store and Add-ons for Firefox.

Be safe Be Protected…

Pin It
  • Heya i am for the first time here. I found this board
    and I to find It truly useful & it helped me
    out a lot. I hope to provide something again and help others like you helped me.

  • I love what you guys tend to be up too. This type
    of clever work and reporting!
    Keep up the awesome works guys I’ve you guys to my own blogroll.

  • Hello there! I could have sworn I’ve been to this blog before but after looking at many of the articles
    I realized it’s new to me. Regardless, I’m certainly delighted I discovered it and I’ll be bookmarking it and checking back often!

  • It is perfect
    time to make some plans for the long run and it is time to be happy.
    I have learn this publish and if I may I wish to recommend you some
    fascinating issues or
    tips. Maybe you could write
    subsequent articles referring to this article.

  • This is a topic which is close to my heart.
    .. Take care! Where are your contact details though?