Facebook Messenger Sees FacexWorm Malware Resurface, Targets Cryptocurrency Transactions: Trend Micro


Facebook Messenger was plagued, back in August last year, with a kind of malware that sent out fake messages in an attempt to steal passwords and other sensitive information from users on the platform. It seems the malware is back for strike two, as it has been spotted stealing data and cryptocurrency from users on the messaging app. It reportedly directs users to fake links, where it urges them to install fake Chrome extensions.

Dubbed FacexWorm by the researchers at security firm Trend Micro, this malware has reportedly had its capabilities reworked and is now on a second stint of spreading itself across Facebook and Google Chrome. FacexWorm has added new abilities that include pushing indigenous cryptocurrency scams, mining infected systems for cryptocurrency, and stealing account credentials from websites. A socially engineered fake YouTube page is sent to unsuspecting Facebook Messenger users, prompting them to install a codec extension, which then gets installed on their systems. A Facebook share link allows the malware to reach other people in your friend list as well, and potentially infect their systems too.

Interestingly enough, the blog post states, the FacexWorm malware specifically targets cryptocurrency trading portals by searching for keywords such as ‘blockchain’ and ‘ethereum’ present in the URL. Once detected, it will apparently prompt the user to verify wallet address payment by sending a token amount of Ether. While there seems to be no possibility of getting the money back, researchers say only one Bitcoin transaction has been compromised in the ordeal yet.

The Trend Micro blog describes FacexWorm’s malicious behaviour as follows: steal the user’s account credentials for Google, MyMonero, and Coinhive; push a cryptocurrency scam; conduct malicious web cryptocurrency mining; hijack cryptocurrency-related transactions; and earn from cryptocurrency-related referral programmes.



Adapted From: Gadgets360
