14 DAY TRIAL // Experts from Microsoft’s Malware Protection Center have spotted a new rogue web browser extension that’s capable of hijacking Facebook accounts. The extension is designed to work with Firefox and Chrome and it targets users from Brazil.
Once it’s installed, the threat, Trojan:JS/Febipos.A, monitors the victim’s activity, waiting for them to log on to their Facebook accounts.
Then, it contacts a command a control server from which it retrieves a file containing a list of commands that will be executed.
The Trojan is capable of “liking” pages, sharing posts, publishing posts, joining groups, inviting friends to a specified group, chat to friends, and even post comments. All this from the victim’s compromised profile.
The number of “likes,” comments, and shared link “likes” on the Facebook pages observed by Microsoft experts increased by the hour, which means that a lot of computers have been infected by the Trojan.
“There may be more to this threat because it can change its messages, URLs, Facebook pages and other activity at any time,” Microsoft’s Jonathan San Jose noted.