Select Page

Cyren Security Blog

The Cyren Security Blog is where Cyren engineers and thought leaders provide insights, research and analysis on a range of current cybersecurity topics.

Malware spread via Facebook Chat

Facebook chat messages containing malicious links are being sent from compromised Facebook accounts. The messages are typically sent to all of the compromised user’s friends.

The distribution of the malware includes the following steps

  • Legitimate website is hacked
  • A new folder is created on the hacked site including malware (an executable file)
  • Phony Facebook application pages are created which automatically link to the hacked site
  • Compromised Facebook accounts are used to spread chat messages linking to the phony Facebook applications and subsequently to the download of the EXE file.

The Facebook chat messages include text such as “hahahah foto” and the phony Facebook application pages are also photo-related such as “cytepic” and “artephotos”.

Facebook have been quick to remove the phony Facebook application sites. In addition the compromised site removed the malware posted on their site. The hacker’s page on the compromised site is still in place though.

You might also like

Protect Office 365 Email from Ransomware

Ransomware is continually evolving. It has become the “most prominent malware threat”, with experts estimating that ransomware attacks in 2021 resulted in total damage costs of $20 billion. While there is no ransomware that specifically targets Office 365 data, it can...