Skip to main content
  1. Home
  2. Computing
  3. Mobile
  4. Web
  5. News

First truly successful Facebook Messenger malware bot has been identified

Add as a preferred source on Google

It has been reported that 10,000 Facebook users were tricked into installing malware this week, an infection that spread quickly by mimicking Facebook’s notifications feature inside Facebook Messenger. It just might be the most successful malware bot on Facebook’s Messenger platform yet.

Victims received a message “from a friend,” which stated that the friend mentioned them on Facebook. Clicking the link didn’t take users to a Facebook post, however, but instead installing a trojan complete with a Chrome extension that automatically hijacked the victim’s Facebook account. From there, the malware spread to more users.

Recommended Videos

“A successful attack gave the threat actor the ability to change privacy settings, extract data, and more, allowing it to spread the infection through the victim’s Facebook friends or undertake other malicious activity such as spam, identity theft, and generating fraudulent ‘likes’ and ‘shares,’” said a Kaspersky release on the malware. The malware would also blacklist the URLs for anti-virus software, making it harder to remove.

It seems as though only Windows desktop users were vulnerable to the infection, Kaspersky is reporting, though it’s possible the malware could spread on Windows phones. Android and iOS are immune. Infections occurred mostly in Brazil, Poland, Peru, Colombia, Mexico, Ecuador, Greece, Portugal, Tunisia, Venezuela, Germany, and Israel, according to Kaspersky.

“Two aspects of this attack stand out,” said Ido Naor, senior Security researcher at Kaspersky Lab. “Firstly, the delivery of the malware was extremely efficient, reaching thousands of users in only 48 hours. Secondly, the response from consumers and the media was almost as fast. Their reaction raised awareness of the campaign and drove prompt action and investigation by the providers concerned.”

Facebook has taken steps to slow the malware’s spread, and Google has removed the offending Chrome extension from the Chrome Web Store. So the malware should be slowed, for now, but if you’re worried about your computer be sure to run a malware scan today.

Justin Pot
Justin's always had a passion for trying out new software, asking questions, and explaining things – tech journalism is the…
A Windows 11 bug may be quietly eating hundreds of gigabytes of your storage
Windows 11’s storage-eating bug now has a fix from Microsoft
Windows 11 suffering from RAM crisis

If your Windows 11 PC suddenly looks low on storage, your downloads folder or game library may not be the problem. According to Windows Latest, a bug tied to a Windows system file can silently consume tens or even hundreds of gigabytes on the system drive.

The file in question is called CapabilityAccessManager.db-wal, and it sits inside Windows’ Capability Access Manager folder. Windows Latest says the issue may appear as unusually high “System files” usage in Windows 11’s storage breakdown, even though the Settings app does not clearly identify the exact file responsible. In some reported cases, users saw it grow to 200GB, and even more.

Read more
Your next Teams meeting could have an AI teammate that answers questions for you
Teams is getting smarter, cleaner, and quieter about it. The AI features are opt-in, the chat cleanup is automatic.
Computer, Electronics, Laptop

Microsoft Teams is getting a meaningful update that overhauls almost every part of how you use the app, from AI-assisted meetings to a cleaner chat layout. Most of the changes are already in testing, and several are scheduled to roll out before the end of the summer.

Starting with the most interesting addition: an upgraded AI Facilitator that can listen to your meeting, spot when someone seems confused, and generate a response (via Windows Report). 

Read more
A hacker’s arrest just revealed how Microsoft can track your Windows device
Microsoft knew what websites his Windows PC visited.
Windows 11 on a laptop

A teenager allegedly used a VPN to cover his tracks while hacking a US jewelry retailer, but Microsoft knew anyway.

Court documents unsealed in the US case against Peter Stokes, a 19-year-old dual US-Estonian citizen accused of being a member of the notorious Scattered Spider hacking group, reveal that Microsoft provided the FBI with records tied to a tracking mechanism called the Global Device Identifier, or GDID. 

Read more