"Facebook color changer" app leads to malware, account hijacking
Posted on 11.08.2014
The change-your-Facebook-color scam is once again targeting inexperienced users of the social network, and they are once again falling for it. According to researchers from Cheetah Mobile, some 10,000 users have already been duped.

The scam takes the form of a malicious app:

Following the offered link leads users to a scammy website where they are instructed to view a color changer tutorial video, which will covertly steal the users' Facebook “access token," meaning that the scammers will be able to temporarily access their accounts and spread the scam further to their friends.

"If a user doesn’t view this video, it then tries a new way to spread the malicious software, by getting consumers to download a malicious application," warn the researchers.

"If a user is on a PC, the site leads them to download a pornography video player. If the user is on an Android device, it issues a warning saying the device has been infected and advises users to 'download now' a suggested app."

Users are advised to be wary of similar offers on Facebook, and those who have already fallen for the scam are urged to change their Facebook account password immediately, remove the "Facebook color changer" app from it, and use a legitimate AV solution to detect and remove any malicious software that might have been installed on their device.


Reactions to the IRS hack that impacted 100,000 people

Cybercriminals were able to successfully steal tax forms full of personal information of more than 100,000 taxpayers through IRS’ Get Transcript application. This data included Social Security information, date of birth and street address.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, May 28th