Microsoft Spies ‘Wave’ Of Facebook Account-Hijacking Trojans

Chrome and Firefox users facing barrage of malicious browser extensions

Microsoft has warned of a “wave” of malicious browser extension Trojans that are trying to hijack Facebook accounts.

After first discovering the threat in Brazil, Microsoft found the malware was targeting targeting Chrome and Mozilla Firefox.

Facebook - Shutterstock - © Pan Xunbin / Shutterstock.com

“To begin with, this Trojan monitors a user to see if they are currently logged-in to Facebook. It then attempts to get a configuration file from the website <removed>.info/sqlvarbr.php. The file includes a list of commands of what the browser extension will do,” Microsoft noted in a blog post.

Facebook- facing Trojans

The malware can do plenty of things on people’s Facebook accounts, including sharing links, issuing posts, liking pages and chatting to friends.

It has been busy posting typical social engineering fodder, including a post in Portuguese that translates to: “15 YEAR-OLD VICTIM OF BULLYING COMMITS SUICIDE AFTER SHOWING HER BREASTS ON FACEBOOK.”

The malware also ‘likes’ a particular Facebook page, hinting at a multi-faceted campaign, possibly involving click fraud.

“There may be more to this threat because it can change its messages, URLs, Facebook pages and other activity at any time. In any case, we recommend you always keep your security products updated with the latest definitions to help avoid infection,” Microsoft added.

Are you a security expert? Try our quiz!