Cyber criminals are planting malicious Google Chrome extensions that hijack Facebook accounts in the official Chrome Web Store.
Malicious browser add-ons and extensions are not new, but putting them in the official Chrome Web Store is making it easier for cyber criminals to pass them off as legitimate Chrome extensions.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Scammers typically place ads on Facebook claiming the malicious extensions will enable users to do things like change the colour of their profile or discover who visited their profile.
Once installed, however, the extensions give cyber criminals control over the user's Facebook account, enabling them to use it to spam all contacts with malware.
The malware also automatically "likes" certain Facebook pages as part of a pay-per-like scheme set up by the cyber criminals to generate revenue.
Google has removed malicious extensions reported by security firm Kaspersky Lab, but the firm's security researcher Fabio Assolini said malicious extensions are uploaded by criminals regularly.
Kaspersky Labs discovered the scams in Brazil. Most are written in Portuguese, but security researchers say it would be easy to translate them into other languages.
Assolini said the reason the scam surfaced in Brazil is that Google Chrome has been the most popular browser there since November 2011 and Facebook is the most popular social network.
"These two facts are enough to motivate Brazil’s bad guys to turn their attentions to both platforms," he wrote.
Assolini advises caution when using Facebook. "And think twice before installing a Google Chrome extension," he said.