Malware Hijacks Social Media Accounts Via Browser Add-ons


By: Zain Nabi  |   August 4th, 2013   |   News, Social Media

Security vendor Trend Micro recently spotted another threat around social media sites, which is most likely to hit people using Google Chrome, or Mozilla Firefox. These threats tend to use fake extension from these browsers so they can infiltrate the user’s system and hijack their social media accounts.

 

In order to install these fake extensions, you would have seen various social media sites trying to get you to download, or to update your video player. This is all just a scam so they can lead you into installing plug-ins and files to access the data being used on your browser. If you see any update version stating “Chrome service pack 5.0.0.”or “Mozilla service pack 5.0”, reject it.

 

Once installed, it can connect to a malicious URL, which allows it to download a configuration file that uses your details to hijack your social media account. They can perform actions like liking pages, sharing posts, joining groups, chatting with friends, updating status, and much more. These are the actions this threat can perform without your permission. The malware targets accounts on Facebook Google+ and Twitter accounts. The hijackers use your accounts to spread links to other malicious sites, subsequently hoping to hijack more accounts using your account.

 

It is pertinent to note that digital signatures are also being used by such malwares. Trend Micro said on its website:

 

“One more thing to note: the fake video player update is digitally signed. Digital signatures are a way for developers to prove that a file did come from them and has not been modified. Potential victims may take this to mean that the file is legitimate and harmless.”

 

That is why users are over and over again reminded to always be aware of such scams. Today cyber criminals are getting better and better at making their fraud look real. The more experienced they are, the better they can be at convincing people, and abusing legitimate services. Because of such issues arising Trend Micro has already blocked all the URLs that are associated with such threats.

 

Photo: MaximumPC

Leave a Reply

Your email address will not be published. Required fields are marked *