Date: 2023-11-26

If you’re an avid Facebook user who loves to stay connected with the world, there’s an important news alert that you should be aware of. Cybersecurity experts at Kaspersky recently discovered a new malware threat targeting high-level professionals in the fields of Human Resources, Digital Marketing, and Social Media Marketing. This alarming discovery emphasizes the need for increased vigilance among internet users.

The modus operandi of this malware involves hackers sending malicious archives to unsuspecting victims. These archives are cleverly disguised as theme-based images and videos, tailored to suit a particular topic of interest. For example, if the theme is fashion, the archive may contain fashion-related visual content. Hidden within these folders are executable files masquerading as PDFs, thereby concealing their true ‘.exe’ extension.

Once the victim unknowingly opens the file, the PDF appears innocent, devoid of any suspicious activity. However, the malware script immediately goes to work, targeting shortcuts on the victim’s Desktop, Start menu, Quick Launch toolbar, and Chromium-based browsers. If the malware identifies a shortcut to an internet browser, it runs code that installs a malicious extension on the compromised device.

The entire process is executed seamlessly, culminating in the malicious script terminating the browsing process and urging the user to restart it using one of the modified shortcuts. As the victim clicks on the shortcut, the malware installs a replica of ‘Google Docs Offline’ as an extension. This extension then monitors the victim’s open tabs and transmits the collected data to a command-and-control (C2) server.

Facebook users become the prime targets as the infected extension scans for Ads and Business accounts before hijacking them. Additionally, the malware has the ability to steal session cookies stored in the browser, granting access to the victim’s account without the need for verification. According to reports, Indian user profiles bore the brunt of these cyber-attacks, although incidents were also detected in countries such as Pakistan, the USA, Germany, Ukraine, Vietnam, and more.

To safeguard yourself against such threats, it is imperative to exercise caution while browsing. Avoid downloading archives from unknown or suspicious links, and check the file type before opening any media on your device. It’s crucial to recognize that a ‘.exe’ extension on a file presented as a document, image, or video is a potential indicator of malware. Additionally, always ensure that you have reliable antivirus software installed on your workstations to provide an extra layer of protection.
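As an added example (not from Kaspersky's report or the original article), the file-type check described above can be automated for ZIP archives before anything is extracted. The extension lists, the padding and right-to-left-override heuristics, and the sample archive are assumptions made for illustration; the article does not say how the ‘.exe’ extension was concealed.

```python
import io
import zipfile

# Assumed lists for illustration; extend them to match local policy.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif"}
DECOY_EXTS = {".pdf", ".doc", ".docx", ".jpg", ".png", ".mp4"}
RLO = "\u202e"  # right-to-left override, can visually reverse part of a name


def inspect_archive(data: bytes) -> dict[str, list[str]]:
    """Return {entry name: reasons} for archive members that look disguised."""
    findings: dict[str, list[str]] = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            name = info.filename.rsplit("/", 1)[-1]
            exts = ["." + p.strip() for p in name.lower().split(".")[1:]]
            final = exts[-1] if exts else ""
            with zf.open(info) as fh:
                is_pe = fh.read(2) == b"MZ"  # DOS/PE header magic bytes
            reasons = []
            if final in EXECUTABLE_EXTS and any(e in DECOY_EXTS for e in exts[:-1]):
                reasons.append("document extension followed by executable extension")
            if is_pe and final not in EXECUTABLE_EXTS:
                reasons.append("PE header under a non-executable name")
            if RLO in name:
                reasons.append("right-to-left override in name")
            if final in EXECUTABLE_EXTS and "   " in name:
                reasons.append("whitespace padding before extension")
            if reasons:
                findings[info.filename] = reasons
    return findings


def build_sample() -> bytes:
    """Constructed test archive; the 'executables' are harmless stubs."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("fashion/lookbook.jpg", b"\xff\xd8\xff\xe0 jpeg stub")
        zf.writestr("fashion/price list.pdf.exe", b"MZ stub")
        zf.writestr("fashion/terms.pdf", b"MZ stub")
        zf.writestr("fashion/offer.pdf" + " " * 40 + ".exe", b"MZ stub")
    return buf.getvalue()


if __name__ == "__main__":
    for entry, why in inspect_archive(build_sample()).items():
        print(f"{entry!r}: {'; '.join(why)}")
```

The check reads only the first two bytes of each member, so it can run on a mail gateway or download folder without unpacking the archive to disk.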

Stay vigilant and stay safe online!

Frequently Asked Questions (FAQ)

Q: How does the malware reach the victims?

A: The hackers send malicious files disguised as theme-based images and videos. These files are usually sent via email or through other messaging platforms.

Q: How can I protect myself from this new Facebook malware?

A: To protect yourself, avoid downloading files from unknown or suspicious links. Double-check the file type before opening any media on your computer. Installing reliable antivirus software is also recommended.

Q: Are there any specific individuals or professions targeted by this malware?

A: Yes, individuals working in high-level positions in Human Resources, Digital Marketing, and Social Media Marketing domains seem to be the prime targets for this malware.

Q: Which countries are most affected by these attacks?

A: The cybercriminals primarily targeted Indian user profiles, but incidents were also detected in countries such as Pakistan, the USA, Germany, Ukraine, Vietnam, and more.

Q: What happens if my Facebook account is compromised?

A: If your Facebook account is compromised, the hijackers can access your Ads and Business accounts, potentially causing significant harm to your online presence and reputation. It is crucial to take immediate action to regain control of your account and secure it.