Beware Facebook ‘Comment Tagging Malware’ Spreading via Google Chrome

IF YOU RECEIVE A FACEBOOK NOTIFICATION REGARDING A FRIEND TAGGING YOU IN A COMMENT BE VERY CAREFUL BEFORE CLICKING ON THE LINK IT CAN BE A JAVASCRIPT MALWARE FOUND TARGETING USERS LATELY!

Facebook is undoubtedly the most used social media around the world and that’s what makes it an attractive target for cyber criminals as every now and then users complain about their account being compromised due to phishing or malware scam.

Must Read: Advanced New Destructive Malware named Stone Drill Discovered in the Wild

Currently, a malware scam is infecting Facebook users in which they receive a notification in the app and/or in their email about a friend tagging in a comment, upon clicking the link, a malware is downloaded on their device. Though just downloading it won’t infect your device but users who are not aware of how scammers target people may click the downloaded file and infect their devices.

This malware is mostly targeting Chrome users. It is yet unclear if Firefox or other browsers are affected by the scam or not. One possibility is that users receiving such notifications have had one of their friends hacked and crooks are using their browser to target other contacts.

Here is an exclusive screenshot shared by one of our friends showing a JavaScript encoded script file which was downloaded once on their device:

beware-widspreading-facebook-comment-tagging-virus-2
If downloaded delete this file asap and avoid executing it

The malware scam is currently under discussion on the Stack Exchange where the victim has been stating their experience after being tricked into downloading the infected files. According to one of the analysts on the discussion the researcher said that:

Must Read: Apple “Mac OSX” credential are stolen by Malware named “keydnap” provide remote access to hackers

“This is a typically obfuscated JavaScript malware which targets the Windows Script Host to download the rest of the payload. In this case, it downloads what appears to be mainly a Chrome Extension (manifest.json and bg.js), the auto Windows executable, and some AutoIt scripts which likely include some form of ransomware. All of these files are named with .jpg extensions on the (likely-compromised) server they are hosted, to be less conspicuous.”

This is not the first time when cyber criminals have used Chrome browser to infect and compromise users. In the past there were several cases in which Chrome was negatively used such as 1: fake Google Chrome update leading to Android malware stealing personal data , 2: Hackers transforming malware into Chrome lookalike browser and infecting users , 3: Facebook being hit with a malware disguising as Google Chrome video installer , 4: Fake Google Chrome update leading to dangerous CTB Locker/Critroni ransomware

If you witness any phishing or malware scam on Facebook click here to report it and stop cybercriminals from stealing your data.

 

Must Read: Hit by ransomware? Don’t pay the ransom! We got you covered by Free Tools

Must Read:  Facebook forces users to download & Scan PC for malware before accessing account

Leave your vote

692 points
Upvote Downvote

Total votes: 0

Upvotes: 0

Upvotes percentage: 0.000000%

Downvotes: 0

Downvotes percentage: 0.000000%

Written by Lauren Brien

Feel free to share your idea, post, comment, video, improve existing posts and vote for the best one.

Collaborate & stay connected.

Leave a Reply