Facebook Messenger Sees FacexWorm Malware Resurface, Targets Cryptocurrency Transactions: Trend Micro

Advertisement
By Ankit Chawla | Updated: 2 May 2018 18:43 IST
Highlights
  • The malware was first spotted in August last year
  • It uses fake YouTube links to lure in unsuspecting users
  • It specifically targets cryptocurrency trading platforms

Facebook Messenger was plagued, back in August last year, with a form of malware that sent out fake messages in an attempt to steal passwords and other sensitive information from users on the platform. It seems the malware is back for strike two as it has been spotted stealing data and cryptocurrency from users on the messaging app. It reportedly directs users to fake links where it urges users to install fake Chrome extensions.

Dubbed FacexWorm by the researchers over at security firm Trend Micro, this malware reportedly has had its capabilities transformed and now has a second stint at spreading itself across Facebook and Google Chrome. FacexWorm has added new abilities that include pushing indigenous cryptocurrency scams, mining infected systems for cryptocurrency, and stealing account credentials from websites. A socially engineered fake YouTube page is sent to unsuspecting Facebook Messenger users prompting them to install a codec extension from where it gets installed on their systems. A Facebook share link enables the malware to reach other people in your friend list as well, and possibly infect their systems as well.

Advertisement

Interestingly enough, the blog post states, FacexWorm malware specifically targets cryptocurrency trading portals by searching for keywords such as 'blockchain' and 'ethereum' present in the URL. Once detected, it will apparently prompt the user to verify wallet address payment by sending a token amount of Ether. While there seems to be no possibility of getting the money back, researchers say only one Bitcoin transaction has been compromised in the ordeal yet.

The Trend Micro blog suggests this to be FacexWorm's malicious behaviour - steal the user's account credentials for Google, MyMonero, and Coinhive; push a cryptocurrency scam, conduct malicious web cryptocurrency mining, hijack cryptocurrenty-related transactions, and earn from cryptocurrency-related referral programmes.

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement

Related Stories

Popular Mobile Brands
  1. How to Watch the FIFA World Cup 2026 Final Live Stream in India
  2. Here's How Much the iQOO Z11 Lite Could Cost in India
  1. Redmi Note 17 Pro Global Variant Reportedly Appears on NBD Database Alongside Poco Model
  2. Google Pixel 11a Codename Reportedly Spotted in Phone App
  3. Huawei Mate XT 2 Leaked Patent Reveals New Tri-Fold Design and Folding Mechanism
  4. Airtel Unlimited 5G Data Subscribers Reportedly Cannot Share 5G Data via Mobile Hotspot: Here's What We Know So Far
  5. Lenovo Legion C700 Teased as a Cloud Gaming Handheld Ahead of August Launch
  6. Marvel's Wolverine Gets New Trailer That Will Play Ahead of Christopher Nolan's The Odyssey in Select Theatres
  7. Airtel Quietly Removes Rs. 549 Individual Postpaid Plan in India; Rs. 699 Plan Becomes Next Upgrade
  8. Poco M8 Power, Poco X8 India Launch Timeline Tipped; Could Arrive as Rebranded Redmi Note 17 Series
  9. Samsung Galaxy S25 Series Could Get Galaxy S26’s Horizontal Lock Camera Feature With One UI 9 Update
  10. Asus Pad India Launch Date Announced as Company Reveals Key Specifications
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.