Security researchers have discovered a cryptocurrency-mining malware targeting Facebook Messenger users.
The malware, called Digmine, is disguised as a video file, usually with the name video_xxxx.zip, according to cybersecurity company Trend Micro. It infects users who try to run the file. The malware installs a malicious Chrome extension that allows it to access an affected user’s Facebook profile and send private messages containing the malware file to all of their contacts.
The malicious bot only impacts users who access it through a desktop version of Chrome. If you open the file through a mobile app, Trend Micro says, it will not infect your device.
Digmine has been spotted in South Korea, Vietnam, Azerbaijan, Ukraine, the Philippines, Thailand, and Venezuela, Trend Micro says; however, the researchers note that, given the malware’s built-in propagation functionality, it’s possible that it will spread elsewhere.
Once Digmine installs on your machine, it downloads a number of components, including a cryptocurrency miner that will use your machine to mine the Monero cryptocurrency.
Facebook told Trend Micro it had taken down any links connected to the malware from the social networking site. But as Bleeping Computer pointed out, the hackers are able to alter the current links to continue targeting users on the platform and, by adding more code, give the malware additional functions that could allow it to hijack a user’s account or otherwise manipulate an account, according to Trend Micro.
We have reached out to Facebook for comment and will update this article with its response. “We maintain a number of automated systems to help stop harmful links and files from appearing on Facebook and in Messenger,” Facebook said in a statement to Trend Micro. “If we suspect your computer is infected with malware, we will provide you with a free anti-virus scan from our trusted partners.”
In case you’re new to this whole malware thing, you should always err on the side of caution when you receive links, even if they are from someone you know. While this type of malware isn’t new—cryptocurrency mining has been around for years—it is seeing a new surge of attention as the cryptocurrency market explodes. With hype comes hacks.