A new advanced malware is spreading via Facebook's Messenger app, researchers have warned.
Kaspersky Labs researcher David Jacoby came across the malware after a Facebook friend sent him a link to a purported video file in Messenger. The link, when clicked, triggered the infection via a Google Docs file.
The Google Docs file is a fake video that redirects users to several websites that extract information such as operating system and web browser type.
Moving users through a set of websites allows the malware writers to plant tracking cookies on web browsers to monitor victims' activity, and display ads.
Jacoby said the malware works across Windows and macOS, and is independent of browser type.
The malware also attemps to download more files, although Jacoby noted that they were adware and not malicious code like Trojans and exploits.
It is unclear how the malware spreads via Messenger. Jacoby speculated it could be through stolen user credentials, browser hijacking or clickjacking. He is conducting further research to find the dissemination vector.
Users are advised not to click on random links from Facebook friends in Messenger.
_(20).jpg&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
_(26).jpg&w=100&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
_(1).jpg&h=140&w=231&c=1&s=0)
