Facebook Messenger is in a tight spot at the moment. Even though the social media site is spending an excruciating amount of effort on keeping malware and other virus away from users, the messaging app came under heavy fire over the final months of 2017.
According to an investigation by Kaspersky Lab, hackers found a security exploit and swarmed the userbase with fake messages rigged with malware. If you carelessly follow the suspicious link, your account is either turned into a zombie proxy to continue spreading the corrupted messages or brainwashed into becoming a Bitcoin-mining slave.
Here’s the basic rundown of how the cyber takeover works. Let’s say you receive a message from an old friend via Facebook Messenger and the text seems a little weird since it includes the sender’s name, the word “Video” and a random smiley. Below it is a link, supposedly pointing to the video in question. Opening the link redirects the user to Google Drive, where it shows one of the sender’s pictures with a play button. Clicking on the icon might cause several redirections, only to warn people that they need to update certain software in order to play the video. This is the hook, since agreeing to do so will download the virus to your device.
Once the harm is done, users are left with an infected system that monitors their activity. The moment they log back into Facebook the malware copies their credentials, effectively creating a skeleton key of its own. Then the virus steals the contact list and chooses a set of new victims, sending them a message similar to the one that caused the original breach.
The Digmine virus works in a similar fashion. It targets people who are accessing Messenger via Chrome and baits people with the same fake video link, but instead of downloading malware victims are fooled into downloading a sneaky cryptocurrency mining bot that leeches their hardware power to generate money for the crooks.
As it stands now, Facebook has gated off the loophole that allowed people to send malware. However, the cryptocurrency-craze is still at large and new ways of exploiting people’s video cards surfaces every day.
Don’t get too agitated though, since the key to avoiding malware is in your hands. Exercise vigilance and a healthy dose of skepticism when receiving otherwise innocuous-looking links from a friend. If the message isn’t accompanied by a believable explanation, ask the sender about the shared content.
Malware is programmed to ‘possess’ someone’s account, meaning that it cannot reply to an inquiry. In most cases your friend will be just as clueless and, in fact, thank you for drawing attention to the issue. Beyond that, be sure to immediately stop following the link if you are forced to jump through several pages just to reach the content.
The sad reality is that a strong password won’t protect you from malware as they infest the device and steal the account credentials anyway. But don’t give up on the idea! If you suspect a security breach then immediately switch passwords, otherwise the hackers may return to the account multiple times to spread the virus. A password management program is best to have onboard to help storing the updates. And make sure to exorcise the system with a good antivirus every now and then.
On a final note, be on the lookout for fake games too. Facebook is chock full of funny little time-wasters, but occasionally an insidious trap passes into the vetting system. Even though fake games don’t qualify as viruses, they are programmed to siphon the player’s user credentialsand to trash the comment section with spam messages.
Share your thoughts, ask questions, and connect with other users. Your feedback helps our community make better decisions.
©2012-2025 Best Reviews, a clovio brand –
All rights
reserved
