A malicious software is appearing as a link in an e-mail or Facebook message telling people they have been tagged by a friend in a Facebook post. When users go to Facebook and click on this link, they are sent to another website and prompted to download a browser extension or plug-in to watch a video, said researcher for an independent Italian security, Carlo De Micheli.
Once the plug-in is downloaded to the computer, attackers can access everything stored in the browser. This includes all accounts and saved passwords that are automatically saved to your computer when you visit a site. For this reason, it is important to tell your computer NOT to save your passwords.
This malware blocks access to the browser settings that allow it to be removed and also blocks access to websites that offer virus removal software. These attackers have now released another version of this malware targeting Firefox users.
“When we detect items containing malware or learn of them through reports, we remove them from the Chrome Web Store and from active Chrome instances,” said the spokeswoman, Veronica Navarrete, in a statement. “We’ve already removed several of these extensions, and are continuing to improve our automated systems to help detect them even faster.”
Mr. De Micheli said the attackers appear to be of Turkish origin, based on comments embedded in the software.
This is not the first instance of an attack through browser extensions. This software allows a Web browser to perform specific functions, like a smartphone app does. This attack appears to be one of the most extensive in the usage of technology.
Remember when you were told not to click on attachments? Now the same goes for browser add-ons, you may be allowing an attacker access to your accounts.
Follow us on Twitter at @hyphenet or “Like” us on Facebook to stay up-to-date on the latest tech news and PC security alerts.
More than 800,000 Facebook users fall victim to password-harvesting browser malware, researcher claims – WeLiveSecurity
August 29, 2013
Malicious Software Poses as Video From a Facebook Friend – Bits
August 26, 2013