On June 26th, 2016, thousands of Facebook users discovered that they had been tainted by a virus after they got a message from a Facebook friend by way of “mention”. According to Poynter Institute, Facebook Mentions are the fraternal twin to Twitter’s @mention feature. When you update your status on Facebook and type @ followed by the first few letters of a friend’s name, a drop-down menu appears, allowing you to select the friend, or in this case, the victimized.
Kapersky labs investigated the desktop-targeting/ two-part digital attack on Facebook users that was executed, and it was soon discovered that the digital attack was hitting targets around the world.
The first stage of the attack started when the user clicked on the “mention”. A malicious file seized control of their browsers, terminating their browser session and replacing it with a malicious one that included a tab to the legitimate Facebook login page – this provided the attackers with a rabbit hole through which they could hijack the user’s Facebook session and permissions and send out malicious notifications to the victim’s Facebook friends.
Upon logging back into Facebook the victim’s session was hijacked in the background and a new file was downloaded. This represented the second stage of the attack, as embedded in this file was an account-takeover script that included a privacy-settings changer, account-data extractor and various other tools that could be used for further malicious activity, such as spam, identity theft and generating fraudulent ‘likes’ and ‘shares’.
The most affected countries were Brazil, Poland, Peru, Colombia, Mexico, Ecuador, Greece, Portugal, Tunisia, Venezuela, Germany and Israel.
The Kaspersky Security Network (KSN) recorded right around ten thousand disease endeavors the world over in the span of only 48 hours. Though Facebook has now mitigated this threat and implemented blocking techniques used to spread malware from infected computers, it’s important to do your part as an Android user.
Psafe Total has an effective team that is always keeping eye on new malwares/threats for users.
Ensure your device isn’t at risk by scanning for threats.
Run a Full PSafe Total AV Scan
Learn all about one of the hackers' favorite breach method and keep your company safe…
Have you ever wondered how to recover deleted photos on Android? After all, the lack…
Digital worms are among the most serious threats in the wild kingdom of the Internet.
Spoofing is a fairly sophisticated virtual scam that can fool even the most cautious and…
Five Steps to Reduce QR Code Risk! Step one? Read this article…
Pharming is creating a new, dangerous brand of impostor syndrome. Check how to avoid pharming…