Infected computers or devices can be used to send phishing messages to the owners’ Facebook friends, which will steal their online account credentials and personal and financial information.
Note: users of Android and iOS mobile devices are immune, since the malware uses libraries that are not compatible with these mobile operating systems.
Kaspersky Lab, a software security group that discovered the threat, recommends that online users who think they may have been infected run a malware scan on their computers, or open their Chrome web browser and look for unexpected extensions. If unexpected extensions are present, they should log out of their Facebook accounts, close the browser, disconnect the network cable from their computers, and get a professional to check for and remove the malware.
They also advise online users to follow these basic cyber-safety practices:
- Install an antimalware solution on all devices and keep OS software up to date.
- Avoid clicking on links in messages from people you don’t know, or in unexpected messages from friends.
- Exercise caution at all times when online and on social media networks: if something looks even slightly suspicious, it probably is.
- Implement appropriate privacy settings on social media networks such as Facebook.
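
The check for unexpected Chrome extensions recommended above can also be done from disk, which helps when reviewing several machines. The following is an added example, not code from Kaspersky Lab or the original article: it lists every extension under a Chrome profile's `Extensions` folder and flags any whose ID is not in a caller-supplied list. The function names and the `known_ids` allowlist are assumptions of this example.

```python
"""List the extensions installed in a Chrome profile and flag unknown ones."""
import json
import sys
from pathlib import Path


def _display_name(version_dir, manifest):
    """Resolve a localized "__MSG_key__" name through the extension's _locales files."""
    name = manifest.get("name", "")
    if not (isinstance(name, str) and name.startswith("__MSG_") and name.endswith("__")):
        return name
    locale = manifest.get("default_locale", "en")
    try:
        path = version_dir / "_locales" / locale / "messages.json"
        raw = json.loads(path.read_text(encoding="utf-8-sig"))
        messages = {k.lower(): v for k, v in raw.items()}  # message keys are case-insensitive
        return messages[name[6:-2].lower()]["message"]
    except (OSError, ValueError, KeyError, TypeError, AttributeError):
        return name  # keep the placeholder; the ID still identifies the extension


def audit_extensions(extensions_dir, known_ids=frozenset()):
    """Return one dict per installed extension; 'unexpected' marks IDs not in known_ids.

    Chrome stores extensions on disk as <profile>/Extensions/<id>/<version>/manifest.json.
    known_ids is a hypothetical allowlist: the IDs the user remembers installing.
    """
    found = []
    for manifest_path in sorted(Path(extensions_dir).glob("*/*/manifest.json")):
        version_dir = manifest_path.parent
        ext_id = version_dir.parent.name
        try:
            manifest = json.loads(manifest_path.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            manifest = None
        if not isinstance(manifest, dict):
            manifest = {}  # unreadable manifest: still report the extension
        perms = [p for key in ("permissions", "host_permissions")
                 for p in manifest.get(key, []) if isinstance(p, str)]
        found.append({"id": ext_id,
                      "name": _display_name(version_dir, manifest) or "(unreadable manifest)",
                      "version": manifest.get("version", "?"),
                      "permissions": perms,
                      "unexpected": ext_id not in known_ids})
    return found


if __name__ == "__main__":
    # Usage: python audit_extensions.py <profile Extensions folder> [known_id ...]
    for ext in audit_extensions(sys.argv[1], frozenset(sys.argv[2:])):
        flag = "UNEXPECTED" if ext["unexpected"] else "known"
        print(f'{flag:10} {ext["id"]} {ext["name"]} {ext["version"]} {ext["permissions"]}')
```

An extension flagged as unexpected is a prompt to follow the steps above, not proof of infection; the listed permissions help prioritise which ones to review first.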