Beware all the cryptocurrency holders because a new malware, FacexWorm, is lurking around and is now targeting the crypto trading platforms mainly through the affected browsers.
The researchers at TrendMicro have recently spread the awareness of the problems that are caused by FacexWorm. This malware is being spread through Facebook Messenger via spammy links.
Image source: 2spyware.com
Though the increase of instant messaging apps is increasing the risk of such malware, Facebook Messenger has been the primary method of attach and there is a potential risk that it will spread across other similar apps as well.
Using FacexWorm, spammers are targeting cryptocurrency trading platforms. Also, as we see the rapid increase in the popularity of Bitcoin and other altcoins on the market, such criminals are always on the move to steal the holdings of the people via such malwares.
Previously there have been many hacking attempts on crypto currency trading platforms which shows that such criminals are always ready to use different means to gain unauthorized access.
Right now, this malware works if a Facebook Messenger user is first infected with FacexWorm. When that particular user is infected, this malware will affect his browser in a way that it will automatically distribute socially engineered links to the friends of affected Facebook accounts and the loop will continue.
FacexWorm is capable of stealing accounts and important credentials from websites of interest which currently is cryptocurrency trading platforms.
Users who have enabled TWO-FACTOR AUTHENTICATION on their accounts are not prone to its threat.
However, hackers and spammers have even figured out how to get 2FA access and this means after you are infected with this malware, your security and important information is at the sake of your exchange.
FacexWorm
Other than stealing credentials FacexWorm is also capable injecting malicious mining scripts on different webpages and hijack transactions occurring on the crypto trading platforms and other web based wallets.
A good news is that FaceWorm has not been successful and so far only one transaction was compromised via this malware. But we never know when the hackers will find a better way of gaining unauthorized access to crypto based transactions.
Important to note that this malware currently circulates via the most popular messaging app across the world, which means that it can affect more users, leading to more scams and threats.
The most common way to infect users with FacexWorm is through Chrome plugins/extensions and they are getting quite popular nowadays.
However, Google is closely monitoring such threats in order to prevent their users from such malwares.