If you come across any message on Facebook Messenger with a video sent by anyone, even your best friend, do not try to see it.
Security researchers Kaspersky Lab they detected an ongoing malicious promotion campaign software πολλαπλών πλατφορμών στο Facebook Messenger. Οι χρήστες του Facebook Messenger λαμβάνουν ένα link βίντεο που τους ανακατευθύνει σε έναν ψεύτικο ιστότοπο, ζητώντας τους να εγκαταστήσουν κακόβουλο λογισμικό.
Οι επιτιθέμενοι χρησιμοποιούν κοινωνική μηχανική (social engineering) για να εξαπατήσουν τους χρήστες να κάνουν click στον σύνδεσμο βίντεο, ο οποίος φέρεται να προέρχεται από έναν από τους φίλους τους στο Facebook, με το μήνυμα “ Βίντεο” ακολουθούμενο από έναν σύνδεσμο της υπηρεσίας bit.ly όπως φαίνεται .
Screenshot of it JavaScript, which is an injector. its name is “injection.js” (ebc117c0cf03ad4b13184d1253862586)
The URL redirects the victims to a Google doc that displays a dynamically produced thumbnail, such as a playable movie, based on the images provided by the sender, which, if someone clicks, redirects it to another custom page, depending on your browser and operating system.
For example, its users Mozilla Firefox on Windows are redirected to a website that displays a fake update notification Flash Player and then offers a Windows executable file, which is an adware software.
Its users Google Chrome redirected to a YouTube-like site displaying a pop-up message that causes the victims to download a malicious Chrome extension from the Google Web Store.
The extension is in fact a download application that downloads a file of the attacker's choice on the victim's computer.
Apple Mac OS X and Safari users end up on a website similar to that of using Firefox but adapted for MacOS users. It contains a false update to Flash Media Player, and with the click of the user it downloads a .dmg file which is also Adware.
The same is true for Linux users.
Attackers behind the campaign do not pollute the users of all malware platforms, but with adware that gives them ad revenue.
Let's mention once again that curiosity killed the cat. We recommend that you think very well when you see pictures or video links sent by anyone, even your friends. Verify with them and keep your antivirus app up-to-date.