Tripwire, an online magazine covering cybersecurity and computer technology has reported on a malicious exploit discovery in the Facebook Messenger app. There is a new floating malware exploit hiding in your Facebook Messenger application. The malware consists of heavily obfuscated JavaScript code. The malware is able to be distributed by means of Facebook Messenger. The malware starts off as a “bit[.]ly” site, however, when a user clicks on the bit[.]ly site they are immediately directed toward a Google doc. Once the malware has been executed by clicking on the site and the Google doc has been clicked, it has already taken a picture from the victim’s Facebook page and has immediately created a landing page which is configured like a playable video script. The second stage of the malware infection starts when the victim clicks on the false playable picture icon. Once clicked, the malware immediately redirects the victim once again, and this time to a set of websites which enumerates the victim’s browser, operating system and other vital system operating components. As well, depending on the victim’s operating system, the malware can also redirect the victim to other malicious websites. The cybersecurity researchers at Redport IA, LLC does not exactly know at this time how the malware distribution vector works, but they do advise that users use caution when receiving Facebook Messenger messages with attachments.

By Dr. Randall Sylvertooth

Reference:
https://www.tripwire.com/state-of-security/latest-security-news/malware-spreading-via-facebook-messenger-serve-multi-platform-threats/



For more information about Redport’s information assurance and cyber security services, visit www.redport-ia.com, email us at info@redport-ia.com, like us on Facebook, and follow us on Twitter@redport_ia.

Gaithersburg, MD, USA