If you come across any message on Facebook Messenger with a video sent by anyone, even your best friend, do not try to see it.
Security researchers Kaspersky Lab identified a continuing multi-platform malware promotion campaign on Facebook Messenger. Facebook Messenger users get a video link that redirects them to a fake site asking them to install malicious software.
Οι επιτιθέμενοι χρησιμοποιούν κοινωνική μηχανική (social engineering) για να εξαπατήσουν τους χρήστες να κάνουν κλικ στον σύνδεσμο βίντεο, ο οποίος φέρεται να προέρχεται από έναν από τους φίλους τους στο Facebook, με το μήνυμα “ Βίντεο” ακολουθούμενο από έναν σύνδεσμο της υπηρεσίας bit.ly όπως φαίνεται .
Screenshot of JavaScript, which is an injector. its name is “injection.js” (ebc117c0cf03ad4b13184d1253862586)
The URL redirects the victims to a Google doc that displays a dynamically produced thumbnail, such as a playable movie, based on the images provided by the sender, which, if someone clicks, redirects it to another custom page, depending on your browser and operating system.
For example, its users Mozilla Firefox on Windows are redirected to a website that displays a fake Flash Player update notification and then offers a Windows executable file, which is a software adware.
Its users Google Chrome are redirected to a website that looks like the YouTube, ο οποίος εμφανίζει ένα αναδυόμενο μήνυμα, που αναγκάζει τα θύματα να κατεβάσουν μια κακόβουλη επέκταση του Chrome από το Google Web Store.
The extension is in fact a download application that downloads a file of the attacker's choice on the victim's computer.
Apple Mac OS X and Safari users end up on a website similar to that of using Firefox but adapted for MacOS users. It contains a false update to Flash Media Player, and with the click of the user it downloads a .dmg file which is also Adware.
The same is true for Linux users.
Attackers behind the campaign do not pollute the users of all malware platforms, but with adware that gives them ad revenue.
Let us mention once again that the curiosity killed the cat. We recommend that you think very carefully when viewing images or video links sent by anyone, even your friends. Verify with them and always keep your antivirus application up to date.
