• Trend Micro
  • About TrendLabs Security Intelligence Blog

FacexWorm Targets Cryptocurrency Trading Platforms, Abuses Facebook Messenger for Propagation

  • Posted on: April 30, 2018 at 6:03 am
  • Posted in: Bad Sites, Malware
  • Author: Joseph C Chen (Fraud Researcher)

Our Cyber Safety Solutions team identified a malicious Chrome extension we named FacexWorm, which uses a miscellany of techniques to target cryptocurrency trading platforms accessed on an affected browser and propagates via Facebook Messenger.

FacexWorm isn’t new. It was uncovered in August 2017, though its whys and hows were still unclear at the time. Last April 8, however, we noticed a spike in its activities that coincided with external reports of FacexWorm surfacing in Germany, Tunisia, Japan, Taiwan, South Korea, and Spain.

Tags: Chrome, cryptocurrency, Facebook, FacexWorm, Messenger, mining

GhostTeam Adware can Steal Facebook Credentials

  • Posted on: January 18, 2018 at 12:03 am
  • Posted in: Malware, Mobile, Social
  • Author: Mobile Threat Response Team

We uncovered a total of 53 apps on Google Play that can steal Facebook accounts and surreptitiously push ads. Many of these apps, which were published as early as April 2017, seemed to have been put out on Google Play in a wave. Detected by Trend Micro as ANDROIDOS_GHOSTTEAM, many of the samples we analyzed are in Vietnamese, including their descriptions on Google Play.

Their command-and-control (C&C) server points to mspace[.]com[.]vn. This, along with the considerable use of Vietnamese language, may indicate that the apps were from Vietnam. For instance, GhostTeam’s configurations are in English and Vietnamese. English will be the default language if the malware detects the geolocation to be outside Vietnam.

Tags: adware, Facebook, GhostTeam

Digmine Cryptocurrency Miner Spreading via Facebook Messenger

  • Posted on: December 21, 2017 at 6:01 am
  • Posted in: Malware, Social
  • Author: Trend Micro

We found a new cryptocurrency-mining bot spreading through Facebook Messenger, which we first observed in South Korea. We named it Digmine based on the moniker (비트코인 채굴기 bot) by which it was referred to in a report of recent related incidents in South Korea. We’ve also seen Digmine spreading in other regions such as Vietnam, Azerbaijan, Ukraine, Philippines, Thailand, and Venezuela. It would not be surprising for Digmine to reach other countries, given the way it propagates.

Tags: cryptocurrency miner, Digmine, Facebook

Reconnaissance via Professional Social Networks

  • Posted on: June 2, 2015 at 9:47 am
  • Posted in: Targeted Attacks
  • Author: Cedric Pernet (Threat Researcher)

Are professional social media sites the weak link in companies’ security strategies? Before (and during) a targeted attack, information about the target organization and its employees is useful to an attacker. This can be used to craft well-designed social engineering attacks that are more likely to be opened by its targets. It can also provide more…

Tags: Facebook, intelligence gathering, LinkedIn, reconnaissance, social networks, targeted attacks

Chrome Lure Used in Facebook Attack despite Google’s New Policy

  • Posted on: May 26, 2015 at 10:39 pm
  • Posted in: Malware, Social
  • Author: Christopher Talampas (Fraud Analyst)

Just how effective is it for cybercriminals to keep using Google Chrome and Facebook to infect their victims with malware? We’ve already seen both platforms be used as parts of malicious social engineering schemes. Both Google and Facebook are aware of this and have taken steps to protect their users. The number of times malicious…

Tags: Facebook, Google Chrome, KILIM