A new monero mining malware is spreading via Facebook Messenger in Korea, Azerbaijan, Ukraine, Vietnam, Philippines, Thailand, and Venezuela. 94790 single-format-standard new-cryptocurrency-mining-bot-is-infesting-facebook-messenger global-block-template-1 td-magazine single_template_2 the bot bitcoin-js-composer js-comp-ver-5.
Cyber security researchers found a new type of malware spreading across the world via the Facebook Messenger app. This malicious bot is using the many computers it has infected to mine cryptocurrency for its unscrupulous developers at the expense of users. Facebook Messenger, which they named Digmine. First observed in South Korea, Digmine has already been found in Azerbaijan, Ukraine, Vietnam, Philippines, Thailand, and Venezuela. The bot is spreading very fast, using hijacked systems to infect more computers like a virus, and is therefore expected to have reach other countries where it previously remained hidden. Digmine is sent to victims masquerading as a link to a video file when it is actually an executable script.
It affects Facebook Messenger’s desktop and web versions using the Goggle Chrome browser. Once in control of Chrome, it uses the browser to download additional tools for its clandestine mining operation. In addition, if the user’s Facebook account is set to log in automatically, Digmine will hijack Messenger to spread the the file to all of the account holder’s friends. The researchers shared their findings with Facebook which removed many of the links to Digmine from its messenger app. We maintain a number of automated systems to help stop harmful links and files from appearing on Facebook and in Messenger. If we suspect your computer is infected with malware, we will provide you with a free anti-virus scan from our trusted partners.