Seocheckout

Simple Facebook Notification Infects Over 10,000 Windows OS Facebook Users in 48 Hours



Write the reason you're deleting this FAQ

Simple Facebook Notification Infects Over 10,000 Windows OS Facebook Users in 48 Hours

Thousands of Facebook users have been infected by a new kind of malware that takes over a Facebook user's account in a latest phishing scheme which works in two ways. It all starts from a simple Facebook notification which when you click on it will launch a two stage attack on your Facebook account.

It's usual to receive a notification about something on Facebook and we never even think twice about clicking on it. However that simple action can now bring about a lot more than just getting to see what your friend said on something such as some dumb funny video or something. And cyber criminals are using this irresistible nature to attack Facebook users.

Facebook is the worlds biggest social networking site and is used by billions of people all around the world. However because it's the biggest, it's also the most susceptible to attack and makes it a bigger target for cyber criminals to target and try to run malicious scripts on. In their latest campaign, they launch a two stage attack that starts when you click on a simple notification. After which a malicious file tries to take control of the users browser and then terminates their current browser session and replaces it with a malicious one that contains a tab to a legitimate looking Facebook login page which is designed to lure the victim back to Facebook but then steals their login details.
Simple Facebook Notification Infects Over 10,000 Windows OS Facebook Users in 48 Hours
As soon as the victim logs back into the Facebook their session is hijacked and the malware begins to download and install more malware. It will attempt to change the privacy settings in your browser and even try taking over your account and PC to install scripts which can be used for malicious activities on your PC without your knowledge. This ranges from ID theft, spam and more. However before all this happens, the malware starts by sending the same phishing notification to all your friends who all think it's a genuine notification and so the malicious cycle begins all over again.
Simple Facebook Notification Infects Over 10,000 Windows OS Facebook Users in 48 Hours

This phishing scam was discovered by Kaspersky Labs on June the 26th who found out that over 10,000 Facebook users have been infected by the malware in as little as 48 hours. The true figure from then to now could run into 100's of thousands of infected users all blindly sending the same infected notification to people. However while it was a global attack most users effected were in Brazil, Poland, Peru, Israel, and Mexico.

Are you infected?

While this only effects/affects people on the Windows OS such as Windows phone users. You can find out if you've been infected by this particular Facebook malware phishing scam.

If you're a Chrome user

Look for an extension called "thnudoaitawxjvuGB"

If you're a Mozilla user

Go to StartRun >
Copy and run this command "%AppData%\Mozila"
Look for any folders and files called, "autoit.exe" or "ekl.au3"


If you can see any extensions of files or folders called this then you are definitely infected!

Since the phishing attack discovery, Google have removed the extensions from the Chrome Web Store which was used to launch the malicious phishing attacks on unsuspecting people. The particular phishing malware only affected Windows OS's and Windows mobile devices also. iOS and Android users were fully immune from the attack due to the malware libraries not being compatible with these OS's.

Comments

Please login or sign up to leave a comment

Join
Beverly
Wow! This is very worrisome! I'm always on Facebook and checking notifications. I don't usually check via my phone or even email - mostly just on site Facebook Notifications - but sometimes and to think this kind of thing is going on, makes me not want to check at all.



Are you sure you want to delete this post?

Everett
This is very interesting. You would think that Facebook, being a multibillion company, would have security measures in place to prevent this kind of an attack. I wonder since Kaspersky caught the malware, if Facebook released a statement. I highly doubt it though, they will probably overlook it, and not mention it to some PR tactics. Facebook users already have this odd relationship with their privacy policy, I'm sure facebook users won't like that they could've received malicious malware from simply clicking on their notificiations.

I wonder if the virus programs have updated their virus database to catch this malware, and if not I hope they do soon because you don't know what the malware does to your machine. :/



Are you sure you want to delete this post?

Lynne
Gosh this is scary! If my Facebook gets hacked I have a load of pages, followers and friends. I would hate to be the cause of some nasty phishing scam going more viral Simple Facebook Notification Infects Over 10,000 Windows OS Facebook Users in 48 Hours

Thanks for the instructions to check for this malware, I'll do that now!



Are you sure you want to delete this post?

Everett
Yeah, just think if one of your friends get hacked, you don't know, and they possibly won't know until it's too late. Think if they were posting links to malicious sites, or even the notification virus. A select few of the friends will see this post, and click and get infected. So scary!



Are you sure you want to delete this post?

Corzhens
This is the first time I’ve heard that a malware had infected Facebook. I wonder how Facebook will react to the said malware. And if it’s a phishing malware then it will easily fool Facebook users when it is in the notification area. The user has the tendency to click on the notification without even thinking if it is a malware much more when the user in the notification looks strange. That’s a scary malware because it can spread fast and I hope it is stopped soon.



Are you sure you want to delete this post?