In an official post on the Microsoft Malware Protection Center, Microsoft has received reports and has identified a new threat that hijacks your Facebook profile. This threat is based on a malicious browser extension that targets Google Chrome and Mozilla Firefox.
“We have received reports about a wave of malicious browser extensions trying to hijack Facebook profiles. This threat was first discovered in Brazil. We detect it as Trojan:JS/Febipos.A. The malware is a malicious browser extension specifically targeting Chrome and Mozilla Firefox,” Microsoft stated in an official blog post.
Microsoft has made no mention if this malicious extension also targets Internet Explorer, but the company did specify that it is targeting Google Chrome and Mozilla Firefox.
This Trojan monitors a user to see if they are logged into Facebook. Once it sees that you are, it will attempt to get a configuration file from a website which includes a list of commands of what the browser extension should do. The malicious extension will then “Like” a page, share, post, join a group, invite friends into a group, chat to friends, and comment on a post without your permission or knowledge.
Microsoft believes there may be more to this threat since it can change its messages, links, Facebook pages, and other activity at any time. Microsoft recommends you keep your antivirus/antimalware product up to date with the latest definitions to stay protected.
