A wave of malware attacks is currently spreading through Facebook Messenger serving multi platform malware/adware. The attackers are using lots of domains to prevent tracking. The research regarding the code is still ongoing.
Facebook malware spreading mechanism
The message uses traditional social engineering to trick users into clicking the link. The message reads David Video and then a bit.ly link. The link points to a Google doc, and the document has already taken a pic from the victim’s Facebook page and created a dynamic landing page which looks the same as a playable movie. When you click on the so-called movie, the malware redirects you to a set of websites which enumerate your browser, OS, and more vital information.
The technique has been used before
This method features a lot of names, and it’s not a new one, it can be described simply as a domain chain that redirects the user based on certain features which may include geolocation, language, OS, browser info, installed plug-ins and cookies.
The code can move your browser through more websites and uses tracking cookies it will monitor your activity. It will also display ads and it can social engineer you to click on links.
How to block Facebook malware
It has been quite a long while since such adware campaigns have been using Facebook and the fact that this code also uses Google Docs with customized landing pages is pretty unique. No actual exploits or Trojans are being downloaded, but the people who are behind this code are probably making lots of money in ads and by getting access to tons of Facebook accounts. You can prevent being hacked by not clicking on such links and by updating your antivirus.
RELATED STORIES TO CHECK OUT: