Cyber security specialists have discovered a new type of virus, which is distributed through the Facebook Messenger application. The malicious bot uses a lot of infected computers for cryptocurrency mining at the expense of the affected users. New malicious software distributed through Facebook Messenger, called Digmine. Like many similar exploits, the bot uses infected systems to run one of Monero's most beloved hackers.
Digmine was first discovered in South Korea, then in Azerbaijan, Ukraine, Vietnam, the Philippines, Thailand and Venezuela. The bot spreads very quickly, using captured systems to infect new computers. It is expected that soon the virus will be found in other countries.
Facebook Messenger to Google Chrome
Digmine is sent to victims masquerading as a link to a video file when it is actually an executable script. It affects Facebook Messenger's desktop and web versions using the Goggle Chrome browser. Once in control of Chrome, it uses the browser to download additional tools for its clandestine mining operation.
In addition, if the user's Facebook account is set to log in automatically, Digmine will hijack Messenger to spread the the file to all of the account holder's friends. The use of Facebook is currently restricted to spreading the malware, but "it wouldn't be implausible for attackers to hijack the Facebook account itself down the line," the researchers explain.
The researchers shared their findings with Facebook which removed many of the links to Digmine from its messenger app. The company stated that:
"We maintain a number of automated systems to help stop harmful links and files from appearing on Facebook and in Messenger. If we suspect your computer is infected with malware, we will provide you with a free anti-virus scan from our trusted partners."
by Author