Microsoft discovered malware aimed at obtaining Facebook users’ login information and taking over their accounts, and the new malware strain, Trojan:JS/Febipos.A, has been delivered in the form of extensions for Google Chrome and add-ons for Firefox. The only good news is that it appears to have been discovered only in Brazil thus far.
The Next Web reported that Internet Explorer and Safari appear to be immune from Trojan:JS/Febipos.A thus far.
According to The Next Web, the browser extensions or add-ons determine if users are logged in to Facebook and attempt to download configuration files that include lists of commands, enabling them to perform activities such as liking pages, sharing content, posting on other users’ Timelines, commenting on posts, joining groups and inviting friends to do so, and chatting with friends.
Microsoft concluded, as reported by The Next Web:
There may be more to this threat because it can change its messages, URLs, Facebook pages, and other activity at any time. In any case, we recommend you always keep your security products updated with the latest definitions to help avoid infection.
In other words, while the threat seems to be currently focused on targeting Facebook users in Brazil (its messages are all written in Brazilian Portuguese), it’s easy to see how the threat could be modified to target more users. The fact that it uses a configuration file shows that the criminals specifically designed it to be modular.
Readers: Have you ever fallen victim to malware on Facebook?