FacexWorm, the dangerous malware that attacks Facebook

The extension detects all searches related to cryptocurrency wallets and redirects them to fake websites, where it steals credentials

FacexWorm is malware that, like the vast majority of “viruses”, lures users into a trap set by hackers in order to infect millions of users worldwide.

The threat is distributed through a series of posts on the social network, as well as links sent through Messenger, which lead to a fake website that mimics the appearance of YouTube and asks the user to install an extension in Google Chrome.

When the person downloads and installs the extension, it automatically begins downloading a series of modules and components, which it uses to carry out all its tasks directly from the browser.

In infected browsers, this malware can:

  • Steal a Facebook OAuth token so that it can spread using the victim’s Facebook account.
  • Steal Google, MyMonero and Coinhive credentials when the user visits their login pages.
  • Inject cryptocurrency mining scripts into websites.
  • Substitute the wallet addresses when payments are made with cryptocurrencies.
  • Detect all searches related to cryptocurrency wallets and redirect them to fake websites, where it steals credentials.
  • Close when it detects that the user is opening Google Chrome's extension manager, so as not to be detected.
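As an added example (not part of the original article or of Trend Micro's analysis), the following JavaScript audits an extension's manifest for the permission combinations that behaviours like those listed above would need. The mapping from behaviours to permissions, the finding names, the review threshold and both sample manifests are assumptions made for illustration.

```javascript
// Added example: audit a Chrome extension manifest for capability combinations.
// The behaviour-to-permission mapping and the threshold are assumptions.
const BROAD_HOSTS = new Set(["<all_urls>", "*://*/*", "http://*/*", "https://*/*"]);
const isBroad = (pattern) => BROAD_HOSTS.has(pattern);

function auditManifest(manifest) {
  const perms = [
    ...(manifest.permissions || []),
    ...(manifest.optional_permissions || []),
    ...(manifest.host_permissions || []), // Manifest V3 lists hosts here
  ];
  const findings = [];

  // Content scripts on every site can read login forms and add scripts to pages.
  const scripts = manifest.content_scripts || [];
  if (scripts.some((cs) => (cs.matches || []).some(isBroad))) {
    findings.push("content-script-all-sites");
  }
  // Broad host access lets background code read or modify any page.
  if (perms.some(isBroad)) findings.push("host-access-all-sites");
  // "tabs" exposes tab URLs, enough to notice chrome://extensions being opened.
  if (perms.includes("tabs")) findings.push("tab-url-visibility");
  // webRequest observes traffic; with webRequestBlocking (MV2) it can redirect it.
  if (perms.includes("webRequest")) {
    findings.push(perms.includes("webRequestBlocking") ? "request-redirect" : "request-observe");
  }
  // 'unsafe-eval' lets the extension run strings as code, e.g. downloaded modules.
  const csp = manifest.content_security_policy;
  const cspText = typeof csp === "string" ? csp : (csp && csp.extension_pages) || "";
  if (cspText.includes("unsafe-eval")) findings.push("csp-unsafe-eval");

  // Assumed threshold: three or more findings means a human should look at it.
  return { name: manifest.name || "(unnamed)", findings, review: findings.length >= 3 };
}

// Constructed sample manifests (not taken from any real extension).
const SAMPLE_SUSPICIOUS = {
  name: "Video Codec Helper", manifest_version: 2,
  permissions: ["tabs", "webRequest", "webRequestBlocking", "<all_urls>"],
  content_scripts: [{ matches: ["<all_urls>"], js: ["content.js"] }],
};
const SAMPLE_BENIGN = {
  name: "Example Notes", manifest_version: 3,
  permissions: ["storage"],
  content_scripts: [{ matches: ["https://example.com/*"], js: ["notes.js"] }],
};
```

Run `auditManifest` over each `manifest.json` in the browser profile's extensions directory; a flagged manifest is a prompt for manual review, not proof of malice, since many legitimate extensions request the same permissions.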

In fact, Trend Micro security experts have shown that this malware has been able to hijack one Bitcoin payment, valued at 2.29 dollars. However, it is believed that the money hackers can earn from the mining functions is far higher.

N. Moncada

Source: Softzone
