On June 26th, 2016, thousands of Facebook users discovered that they had been tainted by a virus after they got a message from a Facebook friend by way of “mention”. According to Poynter Institute, Facebook Mentions are the fraternal twin to Twitter’s @mention feature. When you update your status on Facebook and type @ followed by the first few letters of a friend’s name, a drop-down menu appears, allowing you to select the friend, or in this case, the victimized.
Kapersky labs investigated the desktop-targeting/ two-part digital attack on Facebook users that was executed, and it was soon discovered that the digital attack was hitting targets around the world.
The first stage of the attack started when the user clicked on the “mention”. A malicious file seized control of their browsers, terminating their browser session and replacing it with a malicious one that included a tab to the legitimate Facebook login page – this provided the attackers with a rabbit hole through which they could hijack the user’s Facebook session and permissions and send out malicious notifications to the victim’s Facebook friends.
Upon logging back into Facebook the victim’s session was hijacked in the background and a new file was downloaded. This represented the second stage of the attack, as embedded in this file was an account-takeover script that included a privacy-settings changer, account-data extractor and various other tools that could be used for further malicious activity, such as spam, identity theft and generating fraudulent ‘likes’ and ‘shares’.
The most affected countries were Brazil, Poland, Peru, Colombia, Mexico, Ecuador, Greece, Portugal, Tunisia, Venezuela, Germany and Israel.
The Kaspersky Security Network (KSN) recorded right around ten thousand disease endeavors the world over in the span of only 48 hours. Though Facebook has now mitigated this threat and implemented blocking techniques used to spread malware from infected computers, it’s important to do your part as an Android user.
Psafe Total has an effective team that is always keeping eye on new malwares/threats for users.
Ensure your device isn’t at risk by scanning for threats.
Run a Full PSafe Total AV Scan
A massive password leak has triggered a global security alert: Cybernews researchers identified an exposed…
A QR code on a bar table could hide a phishing link. Learn how to…
Before you keep reading, imagine this: You receive a message warning that your account is…
You’re at an airport and need to open your banking app. Which would you choose:…
What would you do if someone claiming to be a U.S. Marshal called and said…
Kickoff is minutes away. You search for a 2026 World Cup stream and receive a…