Just when you thought malware couldn't get any meaner, Microsoft announced that a new Trojan horse is hijacking victims' Facebook accounts, liking pages and even posting comments on their behalf.
A security bulletin from Microsoft, issued Friday (May 10), warned that a malware threat from Brazil was posing as a browser extension for Google Chrome and Mozilla Firefox.
Microsoft didn't specify what the bogus extension promised potential users, but once installed, the Trojan — identified as Trojan:JS/Febipos.A — checks to see whether users are currently signed into Facebook.
If they are, the Trojan downloads a configuration file with a list of unsavory commands. From there, it can get users into all sorts of trouble by liking pages, sharing links, posting on users' behalf, joining groups, inviting friends to join groups, chatting with friends and commenting on posts.
Browser extensions are often cross-platform, which means a malicious extension that wreaks havoc on Windows will probably do so on Mac OS X or on Linux as well.
According to Microsoft, some versions of the Trojan contain commands to post malicious links with provocative messages in chat, posts and comments.
The program posts in Portuguese, but may also be able to post in other languages.
Microsoft caught the Trojan posting comments that translate as, "Sorry guys, but this is ridiculous!!!" and "The coolest tune at the moment. It's really nice!"
Even while Microsoft was examining the Trojan, the number of likes and shares on infected pages kept growing, suggesting the malware is steadily spreading.
"There may be more to this threat because it can change its messages, URLs, Facebook pages and other activity at any time," Microsoft reported on its Malware Protection Center Blog.
Malware scams on Facebook are a steadily growing phenomenon that can take many forms.
To avoid falling victim to this malware menace — and potentially losing friends in the process — you should make sure your anti-virus products are up to date.
Download browser extensions only from the official Firefox and Chrome extension repositories. And think twice before clicking on random links, even if they're sent from friends.
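For readers who manage browsers for others, here is an added example (not from Microsoft's bulletin or this article) of reviewing Chrome-style extension manifests for access to Facebook pages and for installs that did not come from the Chrome Web Store. The extension IDs and manifests are constructed sample data, and treating the manifest's `update_url` value as a store marker is an assumption.

```python
# Added example: flag extensions whose manifest grants access to Facebook pages.
# All extension IDs and manifests below are constructed sample data.
WEBSTORE_UPDATE_URL = "https://clients2.google.com/service/update2/crx"  # assumed store marker

def host_patterns(manifest):
    """Collect permission strings from MV2/MV3 fields and content scripts."""
    pats = [p for p in manifest.get("permissions", []) if isinstance(p, str)]
    pats += manifest.get("host_permissions", [])
    for script in manifest.get("content_scripts", []):
        pats += script.get("matches", [])
    return pats

def covers_facebook(pattern):
    """True if a match pattern gives the extension access to facebook.com."""
    if pattern == "<all_urls>":
        return True
    if "://" not in pattern:          # API permission such as "tabs"
        return False
    host = pattern.split("://", 1)[1].split("/", 1)[0]
    if host == "*":                   # any host
        return True
    if host.startswith("*."):         # subdomain wildcard
        host = host[2:]
    return host == "facebook.com" or host.endswith(".facebook.com")

def audit(manifests):
    """Return findings, extensions not installed from the store first."""
    findings = []
    for ext_id, m in manifests.items():
        hits = sorted({p for p in host_patterns(m) if covers_facebook(p)})
        if hits:
            findings.append({"id": ext_id, "name": m.get("name", "?"),
                             "patterns": hits,
                             "sideloaded": m.get("update_url") != WEBSTORE_UPDATE_URL})
    return sorted(findings, key=lambda f: (not f["sideloaded"], f["id"]))

SAMPLE = {
    "aaaa-constructed": {"name": "Ad filter", "update_url": WEBSTORE_UPDATE_URL,
                         "permissions": ["tabs", "<all_urls>"]},
    "bbbb-constructed": {"name": "Video helper",
                         "permissions": ["cookies"],
                         "content_scripts": [{"matches": ["*://*.facebook.com/*"]}]},
    "cccc-constructed": {"name": "Notes", "update_url": WEBSTORE_UPDATE_URL,
                         "permissions": ["storage", "https://example.com/*"]},
}

if __name__ == "__main__":
    for f in audit(SAMPLE):
        print(f["id"], f["name"], f["patterns"], "sideloaded" if f["sideloaded"] else "store")
```

A hit is a prompt for review, not proof of malice: many legitimate extensions request broad host access.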