Select Page

Cyren Security Blog

The Cyren Security Blog is where Cyren engineers and thought leaders provide insights, research and analysis on a range of current cybersecurity topics.

Malware spread via Facebook Chat

Facebook chat messages containing malicious links are being sent from compromised Facebook accounts. The messages are typically sent to all of the compromised user’s friends.

The distribution of the malware includes the following steps

  • Legitimate website is hacked
  • A new folder is created on the hacked site including malware (an executable file)
  • Phony Facebook application pages are created which automatically link to the hacked site
  • Compromised Facebook accounts are used to spread chat messages linking to the phony Facebook applications and subsequently to the download of the EXE file.

The Facebook chat messages include text such as “hahahah foto” and the phony Facebook application pages are also photo-related such as “cytepic” and “artephotos”.

Facebook have been quick to remove the phony Facebook application sites. In addition the compromised site removed the malware posted on their site. The hacker’s page on the compromised site is still in place though.

You might also like

Phishing with QR codes

Don’t Scan or be Scammed By Maharlito Aquino, Kervin Alintanahin and Dexter To In 1994, a type of the matrix barcode known as the Quick Response code, now widely known as QR code, was invented by Masahiro Hara from a Japanese company Denso Wave. The purpose of the...