Facebook Messenger malware/adware attacks affect thousands of PCs

Reading time icon 2 min. read


Readers help support Windows Report. When you make a purchase using links on our site, we may earn an affiliate commission. Tooltip Icon

Read the affiliate disclosure page to find out how can you help Windows Report effortlessly and without spending any money. Read more

Something went wrong facebook

A wave of malware attacks is currently spreading through Facebook Messenger serving multi platform malware/adware. The attackers are using lots of domains to prevent tracking. The research regarding the code is still ongoing.

Facebook malware spreading mechanism

The original spreading mechanism of the code is Facebook Messenger, but the way it spreads is still unknown. It may involve clickjacking, hijacked browsers or stolen credentials.

The message uses traditional social engineering to trick users into clicking the link. The message reads David Video and then a bit.ly link. The link points to a Google doc, and the document has already taken a pic from the victim’s Facebook page and created a dynamic landing page which looks the same as a playable movie. When you click on the so-called movie, the malware redirects you to a set of websites which enumerate your browser, OS, and more vital information.

The technique has been used before

This method features a lot of names, and it’s not a new one, it can be described simply as a domain chain that redirects the user based on certain features which may include geolocation, language, OS, browser info, installed plug-ins and cookies.

The code can move your browser through more websites and uses tracking cookies it will monitor your activity. It will also display ads and it can social engineer you to click on links.

How to block Facebook malware

It has been quite a long while since such adware campaigns have been using Facebook and the fact that this code also uses Google Docs with customized landing pages is pretty unique. No actual exploits or Trojans are being downloaded, but the people who are behind this code are probably making lots of money in ads and by getting access to tons of Facebook accounts. You can prevent being hacked by not clicking on such links and by updating your antivirus.

RELATED STORIES TO CHECK OUT:

More about the topics: Cybersecurity, Facebook Messenger