Warning: The new Facebook virus, a malicious code that is spreading rapidly through Messenger
From yesterday (December 18, 2017), a new type of malicious code has appeared and raged in Vietnam. This malicious code is not too sophisticated but is spreading very fast through Facebook Messenger because it is sent from the friends in the friend list.
From yesterday (December 18, 2017), a new type of malicious code has appeared and raged in Vietnam. This malicious code is not too sophisticated but is spreading very fast through Facebook Messenger because it is sent from the friends in the friend list.
- How to remove the code as a video format on Facebook Messenger
- How to fix when Facebook is infected with virus
This new malicious code spreads by automatically sending a zip file inside containing a disguised video file via Facebook Messenger with the name 'video_' + 4 random numbers.
According to a malware analyst, this new type of malicious code is written in AutoIT language with the main functions being tampered with:
How the code works
When entering the computer, the malicious code will retrieve and send information to the computer to the hxxp: //ojoku.bigih.bid/api/cherry/login.php address.
The malicious code then downloads and installs a malicious extension to the user's browser. This extension continues to spread the malicious files in video format to friends on the Facebook of the infected person. Then, this malicious code loads the other extension into folders such as desktop, taskbar, program . by writing the chrome shortcut file.
Finally, the malicious code will restart chrome for the extension to work and spread another type of malicious code used to dig the crypto currency as 'coin minner'. This is why your device is always in a state of lag without understanding why.
If you receive such a file, and have missed the click, download, don't worry too much, the dynamic code hasn't spread to your computer. Because this new malware is only really spread if you open the file.
To prevent this malicious code from spreading on your computer if you accidentally click open the file, open the hosts file and add the following lines:
127.0.0.1 ojoku.bigih.bid
127.0.0.1 plugin.ojoku.bigih.bid
This measure is only temporary. Attackers can easily distribute malicious code other than other domains. Therefore, to avoid this new malicious code, you should not open strange files from Facebook Messenger. Also, use antivirus software to make sure your computer is safe.
See more:
- The new DNS service Quad9 helps block malicious domains
- Detect and prevent Ransomware with CyberSight RansomStopper
You should read it
- How to prevent malicious blackmail JPG code via Facebook Messenger
- After WannaCry, Petya's 'extortion' malicious code is raging, this is a remedy to prevent
- Warning: New malicious code is infecting about 500,000 router devices
- 14 games on the App Store contain malicious code, iPhone users be careful
- Find bug in Emotet malware, prevent it from spreading for 6 months
- Appearing dangerous Android malicious code specializing in stealing chat content on Facebook Messenger, Skype ...
- Malicious code is growing up
- Warning: new code of virtual money digging is available via Facebook Messenger
- How to prevent .SVG images containing new malware on Facebook
- Malware sneaks into iOS through Apple's official distribution channels
- 10 million Android devices are preinstalled with malicious code from the factory
- Discover a new kind of malicious code that can record the phone call to extort money
Maybe you are interested
Rjukan, the 'town without the sun' in Norway, had to set up a giant mirror to catch the sun How to transfer the Microsoft Authenticator app to a new phone Get more free storage from Dropbox, Google Drive, Skydrive, Ubuntu One 10 best Android emulator software for Windows Instructions to install Android game with APK file on computer with Droid4X How to fix Droid4X to update the video card