A researcher from Kaspersky Lab has discovered new malware, with complicated and advanced code, that infects victims with adware via Facebook Messenger. The initial spreading mechanism appears to be Facebook Messenger; however, how it spreads through Messenger is still not known. It might be through hijacked browsers, clickjacking, or stolen credentials. For now, the lab says it cannot be certain, as the investigation is still ongoing.
The message uses conventional social engineering to trick the user into clicking the link. The message displays “David Video” followed by a “bit.ly” link. When the victim clicks the fake playable movie link, the malware redirects them to a set of websites that collect details of their operating system, browser, and other essential data. Based on their operating system, they are directed to other websites.
The malware relies on social engineering to infect, luring users into clicking a link that points to a Google document. This doc has already taken an image from the victim’s Facebook page and generated a dynamic landing page that looks like a playable movie.
The adware uses the usual “domain chain” method, redirecting and tracking users through malicious websites based on characteristics such as geolocation, language, browser data, operating system, installed plug-ins, cookies, and so on. For instance, users of different browsers are directed to distinct landing pages with bogus notifications and messages, disguised as updates to popular extensions or applications that can be installed. Clicking that link downloads the adware to the victim’s device.
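One way a defender could look for this pattern in web-proxy logs, as an added example that is not part of the original article or the lab's research: the code below stitches redirect hops into chains and flags shortened links whose chain crosses several hosts and ends on a different landing host depending on the browser. The log record fields, the `.example` hosts, the `EXAMPLE1`/`EXAMPLE2` paths and the `MIN_HOSTS` threshold are assumptions constructed for illustration.

```python
from collections import defaultdict
from urllib.parse import urlsplit

SHORTENERS = {"bit.ly"}  # shortener named in the article; extend as needed
MIN_HOSTS = 3            # assumed threshold for calling it a "domain chain"

def _hops(client, ua, urls):
    """Constructed log records: each URL redirects (302) to the next one."""
    return [{"client": client, "ua": ua, "url": u,
             "status": 302 if n else 200, "location": n}
            for u, n in zip(urls, urls[1:] + [None])]

# Constructed sample data; hosts under .example are placeholders.
HEAD = ["https://bit.ly/EXAMPLE1", "https://docs.example/v", "https://hop.example/r"]
SAMPLE_LOG = (
    _hops("10.0.0.5", "Chrome", HEAD + ["https://ext-update.example/c"])
    + _hops("10.0.0.9", "Firefox", HEAD + ["https://player-update.example/f"])
    + _hops("10.0.0.5", "Chrome", ["https://bit.ly/EXAMPLE2", "https://news.example/a"])
    + _hops("10.0.0.9", "Firefox", ["https://bit.ly/EXAMPLE2", "https://news.example/a"])
)

def host(url):
    return (urlsplit(url).hostname or "").lower()

def follow(records):
    """Stitch per-client 3xx hops (absolute Location assumed) into chains."""
    pending, chains = {}, []
    for r in records:
        chain = pending.pop((r["client"], r["url"]), None)
        if chain is None:  # not the target of an earlier redirect: new chain
            chain = {"ua": r["ua"], "entry": r["url"], "hosts": []}
            chains.append(chain)
        chain["hosts"].append(host(r["url"]))
        if 300 <= r["status"] < 400 and r["location"]:
            pending[(r["client"], r["location"])] = chain
    return chains

def suspicious_entries(records):
    """Shortened links whose multi-host chain ends somewhere different per browser."""
    finals = defaultdict(dict)  # entry URL -> {user agent: final host}
    for c in follow(records):
        if host(c["entry"]) in SHORTENERS and len(set(c["hosts"])) >= MIN_HOSTS:
            finals[c["entry"]][c["ua"]] = c["hosts"][-1]
    return sorted(e for e, by_ua in finals.items() if len(set(by_ua.values())) > 1)

if __name__ == "__main__":
    print(suspicious_entries(SAMPLE_LOG))
```

The second shortened link in the sample resolves to the same single host for both browsers, so it is not flagged.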
The ongoing research suggests that no real malware, such as exploits and Trojans, is being downloaded to the device, although the individuals behind the malware are probably making a lot of money from unwanted advertising and gaining access to numerous Facebook accounts. Adware campaigns have been using Facebook for some time, but it is fairly unique that this one also uses Google Docs, with customized landing pages.
So, all we need to do is think before clicking any suspicious links. Keep your data safe! Feel free to share your views on this.