Warning: The new Facebook virus, a malicious code that is spreading rapidly through Messenger
From yesterday (December 18, 2017), a new type of malicious code has appeared and raged in Vietnam. This malicious code is not too sophisticated but is spreading very fast through Facebook Messenger because it is sent from the friends in the friend list.
- How to remove the code as a video format on Facebook Messenger
- How to fix when Facebook is infected with virus
This new malicious code spreads by automatically sending a zip file inside containing a disguised video file via Facebook Messenger with the name 'video_' + 4 random numbers.
According to a malware analyst, this new type of malicious code is written in AutoIT language with the main functions being tampered with:
How the code works
When entering the computer, the malicious code will retrieve and send information to the computer to the hxxp: //ojoku.bigih.bid/api/cherry/login.php address.
The malicious code then downloads and installs a malicious extension to the user's browser. This extension continues to spread the malicious files in video format to friends on the Facebook of the infected person. Then, this malicious code loads the other extension into folders such as desktop, taskbar, program . by writing the chrome shortcut file.
Finally, the malicious code will restart chrome for the extension to work and spread another type of malicious code used to dig the crypto currency as 'coin minner'. This is why your device is always in a state of lag without understanding why.
How to prevent this new malicious code?
If you receive such a file, and have missed the click, download, don't worry too much, the dynamic code hasn't spread to your computer. Because this new malware is only really spread if you open the file.
To prevent this malicious code from spreading on your computer if you accidentally click open the file, open the hosts file and add the following lines:
127.0.0.1 ojoku.bigih.bid
127.0.0.1 plugin.ojoku.bigih.bid
This measure is only temporary. Attackers can easily distribute malicious code other than other domains. Therefore, to avoid this new malicious code, you should not open strange files from Facebook Messenger. Also, use antivirus software to make sure your computer is safe.
See more:
- The new DNS service Quad9 helps block malicious domains
- Detect and prevent Ransomware with CyberSight RansomStopper
You should read it
- How to prevent malicious blackmail JPG code via Facebook Messenger
- After WannaCry, Petya's 'extortion' malicious code is raging, this is a remedy to prevent
- Warning: New malicious code is infecting about 500,000 router devices
- 14 games on the App Store contain malicious code, iPhone users be careful
- Find bug in Emotet malware, prevent it from spreading for 6 months
- Appearing dangerous Android malicious code specializing in stealing chat content on Facebook Messenger, Skype ...
- Malicious code is growing up
- Warning: new code of virtual money digging is available via Facebook Messenger
- How to prevent .SVG images containing new malware on Facebook
- Malware sneaks into iOS through Apple's official distribution channels
- 10 million Android devices are preinstalled with malicious code from the factory
- Discover a new kind of malicious code that can record the phone call to extort money
Maybe you are interested
How to Share Your Exact Location with Google Plus Codes
More than 200 apps containing malicious code were discovered and downloaded millions of times on the Google Play Store.
7 best barcode scanning apps on phones
Latest Pet Simulator X 2022 Codes and How to Enter Codes
Latest Project Smash Roblox Codes
Latest Eatventure Code 2024 get free coins and diamonds