A new malware spreading via Facebook messenger

A new spam campaign has hit Facebook Messenger through the past few days. Users have received a video link that redirects them to a fake malicious website, attracting them to install malicious software.

The campaign has been discovered by security researchers from Kaspersky Lab and Avira, but how the malware spreads is still unknown. It may be from stolen credentials, hijacked browsers or clickjacking. The attackers use the classic social engineering to fool the user into clicking the link. The message reads “David Video” and then a bit.ly link.

According to Kaspersky:
“The link points to a Google doc. The document has already taken a picture from the victim’s Facebook page and created a dynamic landing page which looks like a playable movie.

When the victim clicks on the fake playable movie, the malware redirects them to a set of websites which enumerate their browser, operating system and other vital information. Depending on their operating system they are directed to other websites.”

According to Avira:
“Suspicious messages with a video link (“t.cn / bit.ly”) are shared within #Facebook messenger. Avira #Antivirus customers are protected!”

To be safe, users are recommended to avoid clicking on the malicious links and reporting the suspicious messages to Facebook.

Related posts

ANY.RUN Discovers Tricky Phishing Attack Using Fake CAPTCHA

Kia Dealer Portal Vulnerability Risked Millions of Cars

Latest Octo Malware Variant Mimics Popular Apps Like NordVPN, Chrome