by August 5, 2013 0 comments

Social media aficionados, beware! The latest malware threat for you is here. Internet security software and network antivirus company, Trend Micro, has identified a threat lurking around social media sites targeting users of either Google Chrome or Mozilla Firefox.

The threat, apparently, uses fake extensions for both browsers to infiltrate user systems and hijack social media accounts – specifically, Facebook, Google+, and Twitter accounts.

In order to lure users into installing these fake extensions, the malware employs several tactics on social media sites and get them install a fake video player update. In reality, this player update is a malicious file – detected as TROJ_FEBUSER.A – that installs a browser plugin depending on the browser currently being used, stated Trend Micro.

One earlier version it had spotted on Google Chrome, detected as JS_FEBUSER.A, identifies itself as Chrome Service Pack 5.0.0. In the case of Mozilla Firefox, the fake plugin is Mozilla Service Pack 5.0.

Google Chrome has since flagged this particular plugin as malicious. An updated version of the plugin, detected as JS_FEBUSER.AB, is identified as F-Secure Security Pack 6.1.0 (for Google Chrome) and F-Secure Security Pack 6.1 (for Mozilla Firefox).


Once installed, it connects to a malicious URL to download a configuration file. It uses the details on that configuration file to hijack the user’s social media accounts and perform the following actions, without any authorization from the user: Like pages, share posts, join a group, invite friends to a group, chat with friends, post comments and update status.

As a result, the attackers are able to hijack the accounts of the users and could, for example, use them to spread links to other malicious sites.

No Comments so far

Jump into a conversation

No Comments Yet!

You can be the one to start a conversation.