We already had enough with those Judy adware, the wannacry and all. And, we are only on the verge of recovering from such attacks. Here comes another one, to create headaches. This time, it is the most popular social networking messaging app, the Facebook Messenger at gunpoint of cyber-crackers. So, all the Facebook Messenger users be vigilant. As some security experts have warned of adware attacks being implemented on this messenger.
The attack involves a series of sophisticated steps. Beginning from a malicious link containing message which supposedly fakes the receiver to believe it as a link of popular official websites. Instead, it is a trap which redirects you to somewhere. Ultimately, leading you to install a malware on your systems.
The proposed malicious activity was first observed by a security researcher, who received a suspicious message by his own contact on the Messenger. Exploring the seriousness and dreadness potential of the activity. David Jacoby, security researcher at Kaspersky Lab said: “This malware was spreading via Facebook Messenger, serving multi platform malware/adware, using tons of domains to prevent tracking, and earning clicks. The code is advanced and obfuscated”.
Modus Operandi of the Malware is as follows:
Begins by spreading malicious links via the Messenger. The accounts that are being used to spread the malware are mostly as result of stolen credentials, hijacked browsers, or clickjacking.
- User gets a message from a person on their own Messenger contact list(mostly videos or images)
- The user accepts the message and most probably opens it(Because he trust the sender, unaware that it is hacked)
- The message is architectured brilliantly that once opened, it spoofs the victim and ultimately make him/her install a malware.
Action of the Adware
These adware, gets installed as an extension for your favourite browsers(Chrome, Mozilla Firefox etc). These are actually programs that track your browser activity using cookies and display targeted adverts across the web. In some cases these shows ads those are socially engineered for the victim into clicking on them.
Each click on one of these adverts will generate revenue for those behind the scheme. The above scenario not only affects your browsing experience but also may invite some other more dangerous malwares capable of seizing your confidential data.
So, we the GoAndroid team requests our readers to be more careful while dealing with those messages. We prefer accessing only websites that use https protocol. Moreover, try to keep away from messages that you feel are suspicious. Well, keep in mind that precaution is always better than cure.