This article is a guest post from MSI-ECS, distributor of Trend Micro products.
As love is already in the air, cybercrooks are hooking in victims with a supposed Valentine’s Day theme for their Facebook profiles.
Computer security firm Trend Micro said the new attack begins with a post on affected users’ walls inviting other users to install the theme into their profiles.
“Clicking the Install button on the page will prompt the download of the malicious file, FacebookChrome.crx, which Trend Micro detects as TROJ_FOOKBACE.A. When executed, TROJ_FOOKBACE.A executes a script that is capable of displaying ads from certain websites,” Trend Micro said in a blog post.
Trend Micro noted the attack works only on Google Chrome or Mozilla Firefox browsers. Once the malicious browser extension is installed, it will monitor the users’ browsing activities and redirect their page to a survey page asking them for their mobile number. Users who clicked on the post using Internet Explorer (IE) will be redirected to the same survey, without them being asked to download anything.
Trend Micro said that while there is monitoring of browser activity, TROJ_FOOKBACE.A so far does not seem to have any information theft techniques.
“It fits the criteria of a clickjacking attack more, where it automatically ‘likes’ several Facebook pages as well as automatically posts a message on the affected user’s wall,” it said.
Trend Micro protects users from this attack via Trend Micro™ Smart Protection Network™ that detects the malicious file and blocks all related malicious URLs.
Trend Micro products are distributed in the Philippines by MSI-ECS. For product information, pricing and availability, please contact +63 2 6883708 or email [email protected]
