The status and popularity of Facebook and its Messenger as social media platforms are certainly not unnoticed by hackers in any shape or form. In yet another series of malware attacks, the viruses spread through video attachments in messages sent through the Messenger. The message itself may even be addressed by a person that is your Facebook friend, and you know them quite well since the hackers use various methods to lure their victims. Those include compromised Facebook accounts, hijacked browsers or a method called clickjacking that is a set of techniques that deceives the website visitor to click an unwanted element of another site.
No platform is safe
The moment Facebook introduced ads to its Messenger and started providing services like international money transfers, the social media giant became even more attractive for hackers to spread their malware. Their methods are also becoming more and more sophisticated, and this newly detected virus can be spread to all three Computer Platforms - Windows, MacOS, and Linux.
The virus was discovered by Kaspersky Labs researcher David Jacoby when he received a message from a Facebook friend with whom he is hardly in contact. Indeed, the message contained a video link, and Jacoby decided to make a detailed investigation.The method by which the virus spread is still unknown is it stolen credentials, browser hijacking or clickjacking, so the investigation is still ongoing.
The research did show though how the virus itself operates. By use of the so called social engineering, the attackers pretend to be somebody the user is familiar with, and the message reads, for example, "Peter Video," providing a link to a Google.doc. The document itself is sophisticated enough to take a photo of the victim's Facebook page and creates a dynamic landing page which looks like a playable movie.
The moment, the unsuspecting visitor clicks on the fake movie, he is redirected to a set of websites, which collect all the key information, including what type of browser and operating system they are using. Based on that information, they are directed to other websites.
Spam is the name of the game
By guiding their victims through a series of websites and using various tracking cookies, the hackers monitored the users' activity and based on the information they gather, display multiple ads, and through social engineering attempt to make them click on specific links, primarily drawing out a click from the user.
Protection from this and other similar malware seems quite simple - self-restraint. No matter how curious you might be, it is not advisable to click on any video files image files ending with .jpg, or .svg, even if they seem to be coming from somebody you know. In that case, it might be advisable to contact them first and see if it was them who have sent the file(s). Also, keeping your antivirus software up-to-date should be a part of your regular routine.
