How to Protect Your Account from the New Facebook Messenger Bug Hacking Passwords

Users' private data has always been a prime target for cybercriminals. The meteoric rise of social media over the past few years and the amount of personal information that has become available online has made privacy-related issues even more prominent. Market leader Facebook revealed that Facebook password hackers try to break into users' accounts 600, 000 times every day, which is quite mind-blowing statistics. Despite the best efforts of cybersecurity specialists, thousands of users still use weak passwords to secure their social media accounts. As a consequence, efforts to considerably reduce password hacking rate remain fruitless.

Beware of malware targeting Facebook users

There are many cases when Facebook password hackers break into users' accounts with the intention of extracting personal information; however, as recent events have shown, password hackers might leverage hacked accounts for the sole purpose of distributing malicious software too. FacexWorm is a newly-discovered malicious Chrome extension that propagates via compromised Facebook accounts. It was uncovered by security researchers in August 2017 and was removed from the Chrome Web Store by Google shortly after to prevent it from spreading. Unfortunately, FacexWorm is back with a bang in 2018. It has been observed that it is the most prevalent in Japan, Germany, Tunisia, Taiwan, Spain, and South Korea, but, without a doubt, it can affect any Facebook Messenger user despite his/her place of residence.

FacexWorm's modus operandi

According to specialists at Trend Micro, it seems that FacexWorm has been slightly updated. Unlike its older version that was detected back in 2017, it can now be used to steal accounts and credentials from certain websites. To be more specific, it might hack passwords of Google, MyMonero, and Coinhive accounts in no time. Of course, it does not limit itself to only one malicious activity. FacexWorm is also responsible for pushing a cryptocurrency scam. If it detects that the user types cryptocurrency-related keywords (e.g. Ethereum and blockchain)or tries to access the cryptocurrency trading platform, it automatically opens a scam asking users to send a small amount (usually, 0.5 – 10) of Ether for the purpose of verification. Speaking of cryptocurrency, this malicious extension might also hijack cryptocurrency transactions by replacing the recipient's wallet address with another one that belongs to the attacker. Last but not least, it is also capable of mining cryptocurrency. Just like any other ordinary cryptocurrency miner, it uses the affected computer's CPU power to perform this activity, which means that it might turn into a slow zombie.

What about FacexWorm distribution?

It has turned out that FacexWorm malware is mainly spread via accounts hacked by Facebook password hackers. The malware distribution chain starts when a user receives the malicious link opening a fake YouTube page to Facebook Messenger. The majority of users fall for it because they receive links from their friends, which proves again that it is extremely important to inspect all links before clicking on them no matter where they come from. Once the malicious link is opened, the fake YouTube page tries to convince the user to install the Chrome extension to play the video it contains. If the user acts as expected, i.e. installs the promoted malicious extension, FacexWorm establishes communication with its C&C server and immediately downloads malicious codes from it. The first thing it does on the affected computer is hacking passwords of selected accounts it finds opened. To put it another way, it steals login credentials from login forms. Then, it connects to its C&C server again and tries to get the victim's Facebook OAuth token so that it could send fake YouTube links to people on the hacked Facebook account's friend list and thus continue spreading from device to device.

How do I protect my Facebook account from malware hacking passwords?

Facebook has already taken certain security measures that should eliminate malicious links and files from Facebook and Facebook Messenger leaving no chance for Facebook password hackers to break into users' accounts and access private data. However, specialists working in the cybersecurity department still want to remind users that their cybersecurity is highly dependent on their actions, so they cannot act carelessly if they seek to prevent password hacking. There are several pieces of advice they have for you.

To click or not to click, that is the question

You probably know that clicking on links inside emails and private messages received from people and organizations you know nothing about might be a dangerous practice, but are you aware of the fact that your friends might send malicious links to you too? This explains why so many users fall into the hackers' trap and get their passwords hacked. Do not blame people on your friend list – the chances are high that they do not even know that they have become distributors of malicious links. Instead, let them know that Facebook password hackers have their passwords in their hands.

The problem with malicious links is that it is not so easy to recognize them. In other words, they might not look dangerous at all at first glance. Because of this, if you are not 100% sure that the received link has been intentionally sent to you by your friend, you should contact that person before you click on the link. You can also hover over the link to see the URL it will open if clicked on. Never click on links you cannot recognize!

Set a new secure password for your accounts

One of the main goals of FacexWorm is to steal credentials, as mentioned previously, so it is very important that you change all your passwords right away if you suspect that you have encountered this malicious application and your passwords have been hacked. Make sure your new passwords are longer and more complicated to ensure the safety of your online accounts.

What is a strong password? Specialists say that users' passwords have to consist of at least 16 characters with a combination of symbols, upper/lower cases, and numbers to be considered secure. They also cannot contain any dictionary words, personal details (e.g. address, birthday, and surname), usernames, or other simple algorithms that can be easily deciphered by cybercriminals. In other words, a secure password is nowhere near 123456 which can be found at the top of the worst passwords list.

Using one strong password for all your accounts is not enough. You must use a unique password for each and every one of your online accounts too. We do not expect you to create strong passwords yourself when password managers that can generate secure unique passwords for all accounts are available on the market. Cyclonis Password Manager is one of the trusted password managers. With its Password Generator, you could generate complex passwords of up to 32 characters. The password manager will also keep all your saved passwords in a secure vault away from password hackers. Last but not least, it will remember and enter your login credentials for you, which means that you could access your accounts at the click of a button.

Do not reuse passwords

Many users use the same password across multiple accounts because they find it impossible to remember unique passwords for all accounts they have. It might seem that there is nothing dangerous about reusing passwords, but it is, believe us. If one of your account's password is hacked, cybercriminals could access all other accounts sharing the same password with no difficulty. In the case of a data breach, ALL your accounts might get compromised if one service provider experiences a data breach and your non-unique password is leaked.

Sharing is not always caring

No doubt passwords are a major defense against hackers; however, if you share them with others, even the closest ones, your accounts might soon get hacked no matter how secure your passwords are. Specialists say that it is a very bad idea to send passwords via email as well since they travel unencrypted and can be easily extracted by cybercriminals in case the email is intercepted.

Enable two-factor authentication

Setting strong passwords is not enough to protect online accounts these days, so if the online platform you use offers two-factor authentication, you should enable it without question. Turning on this security feature is like adding an extra layer of security. You will be asked to enter your username, password, and a second factor, e.g. a unique code sent to you to access your account, which means that password hackers could not log into your account and access private data even if they hack your password.

Password hackers will not stop developing and distributing malicious software that help to steal private information easier anytime soon, so you should focus on not getting infected with malware in the first place to keep your online privacy intact.

August 13, 2018

Leave a Reply