Security experts at Trend Micro have been warning about this new malware. It has been christened FacexWorm and is masquerading as a Google Chrome extension. In this way, it manages to distribute itself. In addition, it seems to be related to other threats that were distributed in the past using Facebook Messenger.
FacexWorm: The malware masquerading as an extension in Google Chrome
In this case, the purpose of malware is to steal cryptocurrency from users. Therefore, users who handle virtual currencies should be especially careful in the face of this threat. Because they could end up with a robbery of their cryptocurrency.
New FacexWorm malware
Its distribution begins through a link in Facebook Messenger. This link is usually accompanied by a surprised face emoticon, which usually generates curiosity and makes the user click on the link. It also looks like this link will lead us to a YouTube video. But the reality is not like that. It’s a copy of YouTube they’re sending us to.
Also, when they go to see the video, a message appears on the screen saying that they must install a plug-in to view the video. Although this is not logical, there are users who make the mistake and that is when FacexWorm gets into the computer.
The good part is that it’s not something that’s happening too often. In fact, fewer attacks are detected with FacexWorm over the days but it is important that users with cryptocurrency are alert. Because this malware is capable of modifying purse addresses, as reported from Trend Micro.