Facebook scammers host Trojan horse extensions on Chrome Web Store.
Cybercriminals are uploading malicious Chrome browser extensions to the official Chrome Web Store and using them to hijack Facebook accounts, according to security researchers from Kaspersky Lab. The rogue extensions are advertised on Facebook by scammers and claim to allow changing the color of profile pages, tracking profile visitors, or even removing social media viruses, a Kaspersky Lab expert said March 23.
He recently observed an increase in Facebook scams that use malicious Chrome extensions and originate in Brazil. Once installed in the browser, these extensions give attackers complete control over the victim’s Facebook account and can be used to spam their friends or to Like pages without authorization. In one case, a rogue extension masqueraded as Adobe Flash Player and was hosted on the official Chrome Web Store, the expert said.
By the time it was identified, it was already installed by 923 users. Uploading multiple rogue extensions on the Chrome store and running many Facebook spam campaigns to advertise them allows attackers to quickly compromise thousands of accounts. The accounts are then used to earn scammers money by Liking particular pages. The people behind these campaigns sell packages of 1, 10, 50, or 100 thousand Likes to companies who wish to gain visibility on Facebook.
Source: http://www.computerworld.com/s/article/9225536/Facebook_scammers_host_Trojan_h orse_extensions_on_Chrome_Web_Store?source=rss_security&utm_source=feedburne r&utm_medium=feed&utm_campaign=Feed:+computerworld/s/feed/topic/17+(Compu terworld+Security+News)&utm_