Hackers wrote a small piece of malware that spreads through Facebook Messenger to mine cryptocurrency.
Distributed through a special bot program, it communicates with the server from which commands are sent to the infected computer.
The miner is installed through a malicious extension for the Google Chrome browser. Like most browser miners, this one, Digmine, mines Monero, which is popular due to its anonymity and low transaction fees.
Cyber security experts from Trend Micro, who were the first to detect the danger, reported that attackers send Messenger users archives named video_xxxx.zip (where "xxxx" stands for four digits). The archive contains an executable file, not a video, that infects the computer with a miner. Infection requires the user to launch the file themselves. Only PC users are at risk, as the program will not work on a smartphone.
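The naming pattern and the "archive that holds an executable instead of a video" trait described above can be checked before a user opens an attachment. The following is an added example, not code from Trend Micro or from the original report; the extension list, the `MZ` header check for Windows executables, the verdict names and the sample archives are assumptions constructed for illustration.

```python
import io
import re
import zipfile

# Archive name reported on the page: video_ followed by four digits.
LURE_NAME = re.compile(r"^video_\d{4}\.zip$", re.IGNORECASE)
# Assumption: extensions treated as directly runnable on a Windows PC.
EXEC_EXTS = (".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs")


def executable_members(data: bytes) -> list[str]:
    """List archive members that look executable by extension or MZ header."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            magic = b""
            if not info.flag_bits & 0x1:  # encrypted members are unreadable
                with zf.open(info) as member:
                    magic = member.read(2)
            if info.filename.lower().endswith(EXEC_EXTS) or magic == b"MZ":
                hits.append(info.filename)
    return hits


def triage(filename: str, data: bytes) -> str:
    """Return 'block', 'review' or 'allow' for a received attachment."""
    name_matches = bool(LURE_NAME.match(filename))
    try:
        hits = executable_members(data)
    except zipfile.BadZipFile:
        return "review" if name_matches else "allow"
    if hits and name_matches:
        return "block"  # lure name plus executable payload
    return "review" if hits or name_matches else "allow"


def make_zip(members: dict[str, bytes]) -> bytes:
    """Build a constructed sample archive in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in members.items():
            zf.writestr(name, body)
    return buf.getvalue()


if __name__ == "__main__":
    lure = make_zip({"movie.exe": b"MZ\x90\x00"})  # constructed bytes
    print(triage("video_4821.zip", lure), executable_members(lure))
```

Checking the first two bytes as well as the extension catches an executable that has been renamed to look like a video file.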
Although the infection method is rather simple and can be prevented by simply not clicking on the link, the miner has spread to users' devices in a number of countries: South Korea, Vietnam, Azerbaijan, Ukraine, Thailand, Venezuela, and the Philippines.
Soon after the message about the threat appeared, Facebook employees began blocking the malicious links. However, the attackers only need to change the address to resume the campaign and continue earning cryptocurrency from the infected computers of Messenger users.
It is interesting to note that one of the developers of Google Chrome recently raised the issue of adding built-in protection against such miners to the browser.