This malware was discovered by security firm Trend Micro which is named as TROJ_FEBUSER.AA. It automatically installs a browser extension for Chrome and Firefox , but doesn't adapt to Internet explorer,Safari nor Opera. This file extension is digitally signed which tricks the users thinking it to be from a legitimate source Once the extension is installed it allows one more configuration file to download which includes details for hijacking social media accounts of the effected user. You all know after hijacking what they do, they will probably like Facebook pages , share unusual post on your account, join groups, invite friends to a group chat, chat with friends and post comments.
Trend Micro said that not only Facebook but Twitter and Google+ accounts are also been hacked.The attacker can also use your account to spread some malicious links to their threat to other. Your account can become the source for them to hack your friends account. This is why the internet social media hacks are spread very fast. This is what Trend Micro said about digital signing:
Digital signatures are a way for developers and publishers to prove that a file did come from them and has not been modified. Potential victims may take this to mean that the file is legitimate and harmless. It is not yet clear if this signature was fraudulently issued, or a valid organization had their signing key compromised and used for this type of purpose.
Be aware of whatever your install through your browsers, it is highly recommended to download add-ons form trusted sources as the Chrome Webstore and Add-ons For Firefox.
No comments:
Post a Comment