Chrome, Firefox users targeted with account-hijacking plugins
Posted on 31.07.2013
Hijacked social networking accounts can be monetized in a number of ways, so cyber crooks are always thinking up new ways of doing so, preferably without the user noticing.

Trend Micro researchers have recently spotted a new campaign aimed at Facebook who are also users of Chrome and / or Firefox.

The lure is a link which apparently points to a video of a young woman committing suicide, and is delivered via Facebook posts. Users that can't resist this macabre inducement and follow the link are asked to download and install a fake video player update in order to view the video.

Unfortunately for them, the file is malicious and it's goal is to install a Chrome of Firefox browser plugin - depending on which browser is in use.

The plugins continue to masquerade as browser "service packs" or as an "F-Secure Security Pack":



But what they actually do is download a configuration file from a remote server, which allows and instructs the plugins to hijack the userís social media accounts on Facebook, Google+, and Twitter, and post updates, like pages, share and comment posts, join a group, invite others to it, chat with friends, and so on.

Interestingly enough, the offered malware is digitally signed. "It is not yet clear if this signature was fraudulently issued, or a valid organization had their signing key compromised and used for this type of purpose," notes researcher Don Ladores, but this can be enough for some users to be convinced of the legitimacy of the plugins.

Users are advised to exercise extreme caution when clicking on random links, especially when they incite such interest in them. Those who have fallen for the trick are advised to remove the plugins from the browser (via the Settings or Preferences menu) and to change the passwords on their social networking accounts.










Spotlight

Whitepaper: Zero Trust approach to network security

Posted on 20 November 2014.  |  Zero Trust is an alternative security model that addresses the shortcomings of failing perimeter-centric strategies by removing the assumption of trust.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Nov 21st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //