Select Page

Cyren Security Blog

The Cyren Security Blog is where Cyren engineers and thought leaders provide insights, research and analysis on a range of current cybersecurity topics.

Malware spread via Facebook Chat

Facebook chat messages containing malicious links are being sent from compromised Facebook accounts. The messages are typically sent to all of the compromised user’s friends.

The distribution of the malware includes the following steps

  • Legitimate website is hacked
  • A new folder is created on the hacked site including malware (an executable file)
  • Phony Facebook application pages are created which automatically link to the hacked site
  • Compromised Facebook accounts are used to spread chat messages linking to the phony Facebook applications and subsequently to the download of the EXE file.

The Facebook chat messages include text such as “hahahah foto” and the phony Facebook application pages are also photo-related such as “cytepic” and “artephotos”.

Facebook have been quick to remove the phony Facebook application sites. In addition the compromised site removed the malware posted on their site. The hacker’s page on the compromised site is still in place though.

You might also like

What is Microsoft Office 365 Advanced Threat Protection?

Office 365 Advanced Threat Protection (also known as ATP and Defender) can provide your organization with advanced security features - keeping you protected from cybersecurity threats. With today's cybersecurity landscape, where new threats appear daily, if not...