Skip to main content

First truly successful Facebook Messenger malware bot has been identified

facebook messenger virus malware windows chrome facebookcomp head
Image used with permission by copyright holder
It has been reported that 10,000 Facebook users were tricked into installing malware this week, an infection that spread quickly by mimicking Facebook’s notifications feature inside Facebook Messenger. It just might be the most successful malware bot on Facebook’s Messenger platform yet.

Victims received a message “from a friend,” which stated that the friend mentioned them on Facebook. Clicking the link didn’t take users to a Facebook post, however, but instead installing a trojan complete with a Chrome extension that automatically hijacked the victim’s Facebook account. From there, the malware spread to more users.

“A successful attack gave the threat actor the ability to change privacy settings, extract data, and more, allowing it to spread the infection through the victim’s Facebook friends or undertake other malicious activity such as spam, identity theft, and generating fraudulent ‘likes’ and ‘shares,’” said a Kaspersky release on the malware. The malware would also blacklist the URLs for anti-virus software, making it harder to remove.

It seems as though only Windows desktop users were vulnerable to the infection, Kaspersky is reporting, though it’s possible the malware could spread on Windows phones. Android and iOS are immune. Infections occurred mostly in Brazil, Poland, Peru, Colombia, Mexico, Ecuador, Greece, Portugal, Tunisia, Venezuela, Germany, and Israel, according to Kaspersky.

“Two aspects of this attack stand out,” said Ido Naor, senior Security researcher at Kaspersky Lab. “Firstly, the delivery of the malware was extremely efficient, reaching thousands of users in only 48 hours. Secondly, the response from consumers and the media was almost as fast. Their reaction raised awareness of the campaign and drove prompt action and investigation by the providers concerned.”

Facebook has taken steps to slow the malware’s spread, and Google has removed the offending Chrome extension from the Chrome Web Store. So the malware should be slowed, for now, but if you’re worried about your computer be sure to run a malware scan today.

Editors' Recommendations

Justin Pot
Former Digital Trends Contributor
Justin's always had a passion for trying out new software, asking questions, and explaining things – tech journalism is the…
Facebook, Messenger, and Instagram reportedly suffer outages
is facebook working on a messenger assistant powered by real people

Facebook and Instagram experienced outages Monday afternoon, according to reports on DownDetector.

Users reported that both the Facebook website and Facebook Messenger were down. Instagram users also reported that direct messages were not working on the platform.

Read more
Facebook’s Messenger Rooms goes global to take on Zoom
facebooks messenger rooms goes global to take on zoom facebook

Facebook has launched Messenger Rooms globally.

The rollout of its Zoom-like videoconferencing service follows a limited release at the end of last month.

Read more
Facebook is releasing its answer to Zoom with Messenger Rooms
Messenger Rooms

Facebook is taking on Zoom head-on.

The social media giant announced Messenger Rooms, a video-calling feature that allows up to 50 users to start a virtual hangout with no time limit.

Read more