Microsoft has announced that it has discovered a new wave of malware attacks that are trying to go after Facebook profiles. The malware itself, Trojan:JS/Febipos.A, is delivered via a browser extension that so far has been found to target users of Google's Chrome and Mozilla's Firefox browsers.
In a post on the company's Malware Protection Center blog, Microsoft says the Facebook browser extension was first found in Brazil. It states:
To begin with, this Trojan monitors a user to see if they are currently logged-in to Facebook. It then attempts to get a configuration file from the website
.info/sqlvarbr.php. The file includes a list of commands of what the browser extension will do.
The malware is capable of taking over a user's Facebook account and can then post a new message, "like" a post, engage with friends, comment on a post and more. It may also post links on Facebook profiles, such as the example shown in the image above which has a link to a car selling site.
The Facebook malware browser extension originated in Brazil but is unlikely to be confined there. Microsoft warns, "There may be more to this threat because it can change its messages, URLs, Facebook pages and other activity at any time." Microsoft recommends all PC users keep their security programs updated with the latest virus and malware definitions.
Source: Microsoft | Image via Microsoft