Messenger Malware Tracking User’s Messages and Passwords
A new Facebook Messenger malware has cropped up.
A new Facebook Messenger malware has cropped up and it is being used to track user’s messages and passwords. The malware is an adaption of a recent Messenger virus that was previously just used to serve users adware.
The Messenger malware is sent through infected Facebook user’s accounts as a Facebook message. In the message, the recipient’s name is mentioned and a link to a fake video is sent. When the recipient clicks the video link, the URL the recipient reaches will try to install malware hiding as an update to a popular app or program.
In some cases, the malware will attempt to download onto your device automatically and will disguise itself as an app or video file. If a user installs the downloaded file, their own device will be infected and their Facebook account will be compromised.
Going forward, that newly infected user will have the same message sent out to the contacts on their own Messenger account and it’ll then spread through unsuspecting users like wildfire. This particular virus has been widespread throughout the entire globe, but this specific version that targets a user’s personal data is particularly present in New Zealand.
The Messenger malware can determine what device the targeted individual is using when they click the link – this gives the attacker the chance to send malware catered for your device. Currently, attackers have targeted Android and Windows PC systems. The Messenger malware will often determine your location to provide a fake download link to something that’ll seem legitimate.
Because of the sudden rise in similar attacks, we’re unsure whether these attacks are from one single malicious group or a number of different groups acting individually.
So far, there’s no way of knowing which version you’ll be infected with if you download it, so it’s better to assume any malware accidentally installed through Messenger can use SMS tracking, email tracking, keylogging, and password stealing.
If you accidentally install malware, you should immediately change the passwords of all of your accounts. If you’re on Android, you should perform a factory reset. If you’re on Windows, use anti-malware software to remove the malware.
As an extra precaution, make sure to use the Facebook security features to disable all current sessions. You should also add two-factor authentication to your account so that nobody else can attack your Facebook account in the future.
Recently, Netsafe CEO Martin Cocker spoke to New Zealand’s national channel TVNZ1 to talk about the recent malicious attacks.
“As we understand, it’s pretty widely through the Facebook network. This particular version that’s spreading at the moment steals personal information. There is another version which is less common which encrypts your computer.”
Cocker offered the same suggestions for securing your accounts as we have. It’s also advised to change all of your passwords across all the services you use. Going forward, it’s wise to use different passwords for different services to avoid malicious attacks infiltrating all of your accounts in the case of a security breach into one of the services you use.