X

BEWARE! Facebook ‘Comment Tagging Malware’ Spreading Via Google Chrome

The social media platform, Facebook is undoubtedly the most used social media around the world. However, it has also become an attractive target for spammers, hackers and other cyber criminals as every now and then users complain about their account being compromised due to phishing or malware scam.

Currently, a new malware scam is infecting Facebook users via Google Chrome, in which they receive a notification in the app and/or in their email about a friend tagging in a comment and, upon clicking the link, a malware is downloaded on their device, according to Hackread. Though just downloading it won’t infect the device but could unknowingly infect their device by them clicking on the newly downloaded file.

It is not yet known if the malware only targets Google Chrome or if there are other browsers like Firefox and Opera that are experiencing similar problems. The issue has only been reported on Chrome.

One analyst on the network question and answer site said the file is a typical obfuscated JavaScript malware, which targets the Windows Script Host to download the rest of the payload. “In this case, it downloads what appears to be mainly a Chrome Extension (manifest.json and bg.js), the autoit Windows executable, and some autoit scripts which install them. All of these files are named with .jpg extensions on the (likely-compromised) server they are hosted, to be less conspicuous,” he said.

Here is the screenshot shared by one of the users showing a JavaScript encoded script file which was downloaded once on their device:

Hence, Facebook users are advised to be extra cautious before they end up clicking on something they’ll regret later.