SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
New malware scam using Facebook Messenger
Tue, 19th Apr 2016

Digital security firm ESET is warning Facebook users of a common scam that sees attackers sending videos via Facebook Messenger through a user's friend list.

ESET says that by using the potential victim's current friend list to send the message, the hackers greatly increase their chances of getting the malware installed on victims' computers.

Titled “My first video”, “My video”, or “Private Video”, the malicious link can also tag various people from a victim's friend list in a status, luring them into clicking on it.

According to ESET, a user who falls for the scam is redirected to a fake YouTube website that prompts them to install an extension in order to load the content:

“Sorry, if you don't install Video Play plugin, you will not be able to watch the video! Click ‘Add Extension’ to watch the video”.

“It's very concerning that this malicious link is targeting users directly through the messenger app, letting them think it is their friend sending a video,” says Nick FitzGerald, senior research fellow at ESET.

“Many users would think it is safe to click, but when the fake YouTube website comes up, they should not go any further,” he warns.

FitzGerald says if a victim clicks and installs the malicious plug-in, the browser they are using will become infected and continue to carry the infection with the same harmful content.

This threat has now been detected as JS/Kilim.SO and JS/Kilim.RG by ESET and is only targeting Chrome users for now, but it might spread to other browsers in the future.

“Signs to watch for are massive tagging, weird titles and links targeted at you,” says FitzGerald. “If you eventually click on it, watch for the link name, the fake YouTube website as well as a pop-up asking you to install an extension,” he explains.

“The safest option here is just to message back your friend and ask if they meant to send that video or if their account has not been infected,” FitzGerald adds.

ESET has detected this threat more than 10,000 times in the past weeks spreading across Facebook users in the US, Canada, Australia, the UK, New Zealand, Russia, Singapore and many other regions.

“This malware is spreading very quickly over Facebook via Chrome browsers. There is a way to get rid of it; however, it may become more powerful and dangerous in the future with more capabilities to post messages, create pages, add friends and follow or unfollow profiles,” FitzGerald says.

“The best thing is to avoid clicking on any suspicious link and not download any plug-ins coming from those links.”