Facebook Messenger used to spread adware

Cyber crooks are taking advantage of Facebook yet again. Recently, users started getting weird messages from their contacts on Facebook Messenger, linking them to a supposed video. Even at first glance, it is clear that it is some kind of malware or adware spreading technique but less experienced users might fall for it. Facebook creates the perfect environment for scams to flourish

Facebook Messenger used to spread adware

The message that leads to the infection will come from one or multiple friends on your Facebook friends list, and will be appear in this format: [your name] Video [shocked emoji] [link]. It is pretty obvious that it did not come from your friends because most Messenger spreading malware looks like this. But if you have never encountered or read about anything similar, you might not think twice about it and just click the link. The people behind this are counting on you to do so, so that they could make money from ad revenue.

Different browsers lead to different sites

Cyber security website BleepingComputer reports that depending on their geographical location and browser type, users get led to different websites when they open the link.

If you are using Mozilla Firefox, you will be led to a site offering a Flash Player. Obviously, it would be a fake installer, and if you were to download it, you would get adware.

Google Chrome users are led to a bogus YouTube site. It looks very similar to the real YouTube, only this one displays an error message. It claims that you need to install an extension to be able to watch the video. If you do download the extension, you probably just allow adware to enter.

Mac users using Safari are shown a Flash Update pop-up, similar to the one Firefox users get. Again, it looks pretty fake and if you were to press Install, you would get adware.

It seems the main objective is to infect as many users with adware, get their Facebook credentials and make income from ads. It does not appear to spread more serious infections, like data-stealing Trojans, but adware is still an annoying infection.

Avoiding infection

When you get similar messages, never click on them. Malicious messages are pretty easy to spot, and if you are ever in doubt, ask the person that sent the message. Inquire about the contents of the video and whether they meant to send it. If they have no recollection of sending it, ask your friend to change their account passwords so that hackers cannot take advantage of it again. And if you clicked on the link, change your password immediately and check your computer for adware.

Leave a Reply