Malware Alert: Rogue Firefox Extension Hijacks Browsers, Posts Spam on Facebook

Malware is starting to get scarier and scarier. It comes in various forms and spreads through multiple platforms and devices, from Android tablets (like the fake malware-infected Biophilla app) to Macs (remember the recent outbreak of the Flashback trojan?)

It also comes in the form of browser extensions. The security researchers from StopMalvertising have discovered a rogue extension for the Firefox browser that is capable of hijacking a user's browser sessions and posting content on Facebook.

The extension is currently being distributed through various adult websites and across Facebook pages. It tricks users into installing it by first telling them that their current Adobe Flash Player version is outdated. Once installed, the extension will load up additional websites that will lead to even more malware.

The internet user will visit additional websites in the background with the viral add-on installed, possibly participate in click-fraud and expose themselves to malware while surfing on those unwanted sites. When visiting Google for example, the script will fetch additional web pages in the background which may lead to malware.

-- StopMalvertising

If the users happens to be logged on to Facebook, the malware attempts to spread the infection further posting a spam video on the walls of people in your network with the following attention-grabbing title: "Kristen Stewart Was Taped Drunk & Having S#x!" This is followed by a link to a fake Facebook landing page where users will be asked to install 'Flash_Player_11.exe.'

Furthermore, when logged in on Facebook, the victim will spam a viral video to their friends, spreading the Trojan clicker even more.

-- StopMalvertising

If you spot any of these links or come across suspicious-looking content on Facebook, make sure to report them right away and warn your friends against clicking on any of them.

Article by Hazel Chua
Gigadgetry: Cool Gadgets, Tech News, Quirky Devices