AegisLab experts warn Facebook users to be on the lookout for posts advertising a video called “Cette fille a une araignee sous la peau et se la fait retiree.” The translation reads “This girl has a spider under her skin and has it removed.”
According to researchers, the scheme – which appears to be targeting French users – is designed to trick internauts into installing a malicious browser extension that takes over Facebook accounts.
When users click on the links from the shady posts, they’re taken to a Facebook page called “Videos choquantes” or “Shocking videos.”
Here, they’re instructed to install an “update package” in order to view the Facebook video.
The so-called update is an executable which installs a browser extension that allows the attackers to collect Facebook contacts and further spread the malicious links to their timelines.
This particular scheme once again shows that most “shocking videos” offered on Facebook and other social media websites are usually part of a cybercriminal campaign. That’s why, the best thing is to avoid them.
If you have already installed the malicious extension, be sure to remove it and all the posts it might have published on your behalf.