There’s a particularly nasty new malware campaign being orchestrated via Facebook, and all users are advised to steer clear of clicking on links in Facebook’s messenger service, even if you know the recipient.
There are a few reasons this attack is worth paying special attention to:
First, as yet, no one has been able to identify the attackers, nor has anyone stepped forward to claim credit. The hackers, whoever they are, are content to continue operating in the shadows, which is always troublesome.
Second, it’s a cross-platform attack, and can affect Windows, Linux, iOS and Android devices.
Third, it’s an incredibly sophisticated attack. Depending on what OS you’ve got, clicking on the link will redirect you to a landing page custom made for your browser and operating system. Chrome users, for instance, might see a page that spoofs YouTube, with an invitation to download a new Chrome extension to view a particular video.
Mac users might see a notification that they need to update their Adobe Flash player, and so on.
In every case, of course, the person who clicks on the file offered for download isn’t getting what was promised, but adware instead, and there’s nothing to prevent the hackers from upping the ante and infecting these users with something far worse than that (ransomware, keyloggers and the like).
In any case, the attack seems to be growing in both scope and scale, and as yet, there’s not a firm plan in place to stop it, or even slow it down. Your best defense is to simply avoid clicking on links sent to you, even by people you know, because the hackers can easily spoof someone’s Facebook identity to make it appear that it’s coming from a trusted friend, or simply use a compromised Facebook account to the same effect.