Just Say NO to Facebook Messenger Malware

Category: Facebook , Security

Fly fishermen are always tying new flies, refining the tricks they play on trout and other piscean species. Likewise, phisher-men in the digital waters constantly try new ways to get you to bite on their hook, which is baited with malware. Recently, researchers at Kaspersky Lab reported a fancy new “fly” involving Facebook’s Messenger, the bigger, better messaging app that Facebook is pushing to replace that awful, tiny, temperamental chat box. Read on to see how Messenger has been used to deceive users into clicking links that lead to loss...

How Does the Messenger Scam Work?

Before we begin, let me underscore that Facebook Messenger is not malware (at least not in the commonly-accepted definition of the word). It's a tool that clever hackers have found a way to exploit for evil. The same thing can be said of your favorite messaging app, email program, web browser, or word processor. But today, we're focusing on a nasty trick played on Messenger users. Here's what you need to know:

First, you receive a Messenger message from a Facebook friend. You “know” it’s your friend by his profile picture in the message, right? Wrong. That’s an image that anyone can download and use for any purpose, including nefarious ones.

Lulled by your friend’s face, you obligingly click on the link right underneath the message, which is short and to the point: “ Video.” What happens next depends on what browser you are using.

Facebook Messenger Malware

Click on that “video” link while using Chrome and you will be whisked away to Google Drive. There you will see something like a YouTube video page complete with a control panel, a “Play” button, and in the background the comforting photo of your pal. What could go wrong?

First, no YouTube page will ever ask your permission to install a browser extension, as this fake does. If you fall for that trick by agreeing to the “extension’s” installation you are, in fact as well as effect, telling Windows’ security to “go ahead and run this unknown program from an unknown source.” What happens next?

The unleashed malware instantly sends Messenger messages to all of your friends; they are exactly the same as the phish that you received only with your profile photo instead of your friend’s. The vicious cycle of infection and re-infection continues.

Users of other browsers are told they need to update Adobe Flash Player instead of a browser extension. That malware turns out to be adware designed to generate profits for the hackers. But that’s not all the damage this one little “video” link does!

A Bit of Background Geekery

For Chrome users, the fake extension begins to monitor all of the sites they visit. When a victim visits Facebook and logs in, the extension steals those credentials and Facebook’s “access token” that gives apps temporary access to Facebook’s API (Application Programming Interface). These precious bits of data are sent back to the hackers. Let’s see how they are used.

The stolen user credentials get the malware logged into Facebook, perhaps as you! The malware then uses the access token to send Javascript commands to Facebook’s back-end via the API. But the malware is also impersonating one of several mainstream Facebook apps that still use the obsolete Facebook Query Language (FQL) to search for, compile into SQL databases, and download all sorts of data about Facebook users.

Have you ever seen a warning that an app wants permission to “access your contacts?” That’s what this malware is after with its FQL queries. It then quickly chooses 50 of your contacts at random from among those presently online, and sends that one-word bait, “video,” plus the link that starts the unholy chain of events all over again.

Eternal Vigilance, Blah, Blah, Blah

Several teams of security researchers from all over the world joined together to stop this threat. But another like it will arise - many others, now that the modus operandi has been published. The next one may use bait more sophisticated than the word “video…” which, unless you have very taciturn friends, is a telltale sign that something is amiss.

The moral: Be careful on Messenger, in your email inbox, and any other place where you are tempted to click a link before engaging your brain. No anti-virus software can protect from all known threats, especially the rapidly-evolving types of malware more common today. As I've said before, a simple phone call (or text message) to the alleged sender of a questionable link can confirm if it's bogus or benign.

Your thoughts on this topic are welcome. Post your comment or question below...

Ask Your Computer or Internet Question

  (Enter your question in the box above.)

It's Guaranteed to Make You Smarter...

AskBob Updates: Boost your Internet IQ & solve computer problems.
Get your FREE Subscription!


Check out other articles in this category:

Link to this article from your site or blog. Just copy and paste from this box:

This article was posted by on 21 Feb 2018

For Fun: Buy Bob a Snickers.

Prev Article:
Et tu, Intel? Vaunt Smartglasses Better Than Google Glass?

The Top Twenty
Next Article:
Geekly Update - 22 Feb 2018

Most recent comments on "Just Say NO to Facebook Messenger Malware"

Posted by:

Lady Fitzgerald
21 Feb 2018

Just say NO to Farcebook, period.

Posted by:

21 Feb 2018

I fear it's gone well past the point of "video" in the subject line already.
3 times in the last week I've received Messenger videos with the caption "Is this you, Rick?" personally using my name to get me to click on the supplied video link. All three times it turned out my friends had been hacked in this manner.
Rule of thumb, never click on any video links in Messenger.

Posted by:

Jay R
21 Feb 2018

The Farce is with us, Lady F. I truly believe that I will have no success in changing my kids minds. It's one way that I keep up with them. I never click on links until I make that phone call. (If you're thinking of clicking, pick up the phone!) The last video I confirm was actually from one of my daughters. And my church has a closed group on FB. Oh, well.

Posted by:

21 Feb 2018

I have been on Facebook 2 times, and got a trojan each time. The last time, Facebook told me my 16 character login was not secure (upper and lower case, numbers and symbols), and I needed to change it. So as a test, I changed it to a name with 4 letters, 2 upper case and 2 lower case, with a 2 digit number. Facebook said that was great. That proved my point. I set the new password, logged out, did something else for 15 minute4s, logged back in with the new password and canceled the account. That was about 5-6 years ago. I have not been back and don't miss it. In addition, I am on no other social media sites, and won't be. If I lived next door to you, you would not tell me where your spare key is hidden, your checking account number, and when a where you are goimg on vacation. But you would post it on Facebook thinking that only your "friends" can see it. It is my opinion that most social media and the ways they are are used are dangerous. Now they offer a messaging app for kids! When will we learn??
Also, I regularly get junk emails through my Microsoft email account with a subject of "Is that you (insert any name you wish)?" That is in addition to the ones for Canadian drugs and hot foreign women looking for husbands, etc. I immediately delete them.

Posted by:

21 Feb 2018

I received the same one asking if this was me and I clicked on the youtube video. So far I've not heard of anyone getting messages from me but are there anyway I can tell if any thing remains on my puter?

Posted by:

21 Feb 2018

I remain on Facebook for only two reasons: to follow my niece's softball games and to search local shelters for a dog. That's it. Never trusted Facebook, and its censorship and ultra-liberal sidebar "news" has become sickening.

Posted by:

Mark H.
21 Feb 2018

For me, the easy way to limit exposure is to not use social media. Family and friends know I can be reached by phone, SMS or e-mail.

Posted by:

21 Feb 2018

In the case of both Google and Facebook, three talented students in their 20's came out of obscurity to establish multi-billion dollar enterprises. Do you suppose they had some help?

Let's look at headlines that should cast no doubt about the true character of CIAbook:

Facebook's Zuckerberg Says The Age of Privacy is Over -

Facebook's Mark Zuckerberg says privacy is no longer a 'social norm'

Facebook - the CIA conspiracy

The Face of Facebook - (Pay particular notice to the IMs that got leaked and confirmed to be true by the New Yorker)

Facebook & Social Media: A Convenient Cover For Spying -

US spies invest in internet monitoring technology - Quoted from this article: ''In an attempt to sift through the blizzard of information, the investment arm of the CIA, In-Q-Tel, has invested in a software firm that monitors social media.''

Nihilists of The World Unite: Wikileaks Is The "Cognitive Infiltration" Operation Demanded by Cass Sunstein -

Posted by:

21 Feb 2018


More reasons not to use Facebook, Facebook Messenger, Google, and Chrome. Good, old fashioned email works just fine for keeping in touch. Plus, there are plenty of great alternatives for browsing and searching the net.

Why follow the "herd" and get slaughtered?

Posted by:

21 Feb 2018

Like LadyF, you sure piqued my curiosity with the first 4 words of your subject line.
However, I knew better to think/hope that the fifth word of your subject line would be "google".
I strongly feel that google is the biggest invasive species in the universe.
I plan to purge my (last remaining) gVoice account; so that I could permanently lead a life w/o google-anything. It is not going to be an easy feat since WindowsPhones are no longer a viable alternative to this google empire.
Even then, majority of those whom I contact is using an Android phone; making my plans nothing but a pipe-dream!

Posted by:

Lady Fitzgerald
21 Feb 2018

@RandiO I totally agree with you about Google's evasiveness! I avoid anything Google, such as Google Search (I use Startpage), GMail, Chrome browser, etc. like the plague.

I agree with others about not depending on Social media to communicate with friends and family. Telephone, email, and snail mail work just fine for me. I don't even have a smart phone, partially for privacy reasons (also because I'm retired on a so called fixed income and don't "need" that monthly data bill). I do have a dumb as rocks flip phone that has the GPS, text messaging, and voice mail disabled. I turn the phone on only when I'm going to actually use it, which is rarely.

@JR Who's in charge in your family? You or the kids? If they refuse to stay off Farcebook, take away whatever is necessary to drive the point home, such as their phones, computer privileges, ground them, etc.

Posted by:

Lady Fitzgerald
21 Feb 2018

On my previous post, evasiveness was supposed to be invasiveness (I plead Senioritis).

Posted by:

21 Feb 2018

Facebook invades your browser to look at your browsing history, then targets you with ads that reflect that interest. I avoid this by using a separate browser (Opera) only for Facebook.

Facebook also cynically take money from advertisers of blatant snake oil products, magic potions and cure-all jollops. A disgraceful business ethic.

Posted by:

John O
21 Feb 2018

Here, Here Just say no to Facebook.
Fake living ! Some still use it between friends (real friends) but like every other thing that is built on trust it is now under attack by people with now moral code or concern for others.
It isn't if you will be screwed by association with Facebook, just when.

Posted by:

21 Feb 2018

I've received all these things and more but have a code that I follow. Much the same as mail or phone fraud scams. Hang up and call the person or go to your email and email the person or your friend list etc. and ask them wtf they are sending this crap for if it was them and if not then tilling them they have been hacked.

Unfortunately most people getting your posts already know better. Its the sheeple that fall for these things.

Posted by:

Bob Deloyd
21 Feb 2018

I use FaceBook and have reunited with many of my childhood friends. It's a wonderful place and you won't get harmed if you don't use it foolishly. I have never gotten any malware or viruses from FB and I've been using it from its beginnings. Like all things in the world; be vigilant and don't be stupid... if you're not sure don't click... granted there are some who should just stick to email, but they also seem to muck that up too and complain; these people should stay off the internet and stick with landline phones and snail mail :)

Posted by:

22 Feb 2018

As Bob Deloyd says "be vigilant and don't be stupid". Should you stop driving because you might have an accident? Have you stopped taking medication because it might have harmful side effects? No, you've learned to manage all kinds of safeguards in everyday life. I value the connection to friends and family Facebook provides, and I'm smart enough and vigilant enough to be safe. It's your responsibility, don't think someone else is going to do it for you. Pay attention to Bob Rankin, it's the best help/instruction you're going to get.

Posted by:

22 Feb 2018

Thank you Bob Deloyd and Sally. For a minute I thought every post was going to be of the "get off my lawn" type. I'm glad to see there are people that do find social media for what it is. We all need to be careful in everything we do. I also thank Bob Rankin for the service he is providing to the online community.

Posted by:

25 Feb 2018

I rarely use Facebook & I never use Messenger. It's more trouble than it's worth to go from my regular e-mail & log into Facebook to get a message. Those who know me know my regular e-mail & they can contact me that way or not at all.

Post your Comments, Questions or Suggestions

*     *     (* = Required field)

    (Your email address will not be published)
(you may use HTML tags for style)

YES... spelling, punctuation, grammar and proper use of UPPER/lower case are important! Comments of a political nature are discouraged. Please limit your remarks to 3-4 paragraphs. If you want to see your comment posted, pay attention to these items.

All comments are reviewed, and may be edited or removed at the discretion of the moderator.

NOTE: Please, post comments on this article ONLY.
If you want to ask a question click here.

Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter

Copyright © 2005 - Bob Rankin - All Rights Reserved
About Us     Privacy Policy     RSS/XML

Article information: AskBobRankin -- Just Say NO to Facebook Messenger Malware (Posted: 21 Feb 2018)
Source: https://askbobrankin.com/just_say_no_to_facebook_messenger_malware.html
Copyright © 2005 - Bob Rankin - All Rights Reserved