Malware attacks on Facebook are on the rise, according to a recent report out Wednesday by Meta, the parent company of the social media giant. As artificial intelligence-themed lures, such as ChatGPT, become commonplace to spread malware, Meta’s security team has uncovered 10 different families of malicious software attempting to target users. Attackers are using malicious browser extensions on official web stores, promoting them on social media and through sponsored search results to trick unsuspecting users into downloading them.
One of the most common types of malicious software is the Ducktail malware which has been targeting Facebook users since 2021. This malware is capable of stealing browser cookies, hijacking Facebook sessions, and stealing account information, location data, and two-factor authentication codes. It can also control any Facebook Business account that the victim has access to. The malicious software is believed to originate from threat actors in Vietnam, for which Meta sent out cease-and-desist letters and notified law enforcement.
Meta was recently alerted to a new type of malware called Nodestealer in January of this year. It focuses on Windows-based browsers and can steal cookies and login details to access Gmail, Outlook, and Facebook accounts. Immediately upon its discovery, Meta took action and worked with domain registrars and hosting providers to try and disrupt its distribution. Thankfully, their work has been successful as there haven’t been any new occurrences of the malware since February 27.
To help protect its users, Meta has added new features to its platforms. These include support tools to help people identify and remove malware, controls to better manage, audit, and limit account access, and Facebook at Work accounts launching later this year. With the help of Meta’s new protective measures, Facebook and its users can have better safe from the dangerous malware threats online.
Meta is a company based in San Francisco, United States and it was founded in I997. It develops software and services for its customers in the areas of payment, artificial intelligence, virtual reality, eCommerce, content management and digital strategy. It currently operates in 32 countries across the world.
Duc H. Nguyen and Ryan Victory are security engineers at Meta who recently released a blog post regarding the dangers of ChatGPT lures and how it has been spreading malware throughout Facebook and other platforms. Nguyen and Victory have years of experience in the security field and have been instrumental in helping Meta detect malicious software and help protect its users from it.
