New Malware Steals Crypto Through Facebook Messenger

FacexWorm malware implements a mechanism to deter victims from removing the malicious extension from the browser
01 May 2018   1556

Trend Micro researchers has issued a report about a new malware under the name FacexWorm which tricks the users to click on a link sent to their Facebook Messenger application, and then pay cryptocurrency in order to access content they want to browse.

FacexWorm isn’t new. It was uncovered in August 2017, though its whys and hows were still unclear at the time. Last April 8, however, we noticed a spike in its activities that coincided with external reports of FacexWorm surfacing in Germany, Tunisia, Japan, Taiwan, South Korea, and Spain.
 

Trend Micro

Trend Micro researchers excplained that FacexWorm is a clone of a normal Chrome extension, but injected with short code containing its main routine. The FacexWorm extension automatically redirects users to a page, where they are asked to send a small amount of Ethereum to verify their account.

FacexWorm is delivered through socially engineered links sent to Facebook Messenger. The links redirect to a fake YouTube page that will ask unwitting users to agree and install a codec extension (FacexWorm) in order to play the video on the page. It will then request privilege to access and change data on the opened website.
 

Trend Micro

According to the information from The Cryptograph, Chrome Web Store has taken care of removing the extension, and Facebook banned domains associated with the spam messages.

MetaMask App to be In Public Beta

The app is synchronized with the cryptowallet in the original browser extension allowing to register new addresses in a moment
24 July 2019   265

The developers of the MetaMask Ethereum wallet wallet have opened the way for everyone to test the beta version of a mobile application available for Android and iOS.

According to the developers, the application is synchronized with the cryptowallet in the initial browser extension. It also allows you to manage crypto-assets, send ETH users and ERC-20 and ERC-721 standard tokens using ENS names (Ethereum Name Service), and interact with decentralized applications (dApps).

In addition, the application supports InstaPay payment channels for instant and free transactions. It also implements Web3 functionality, support for IPFS and various solutions to ensure a high level of security.

The launch of the mobile application MetaMask was announced 9 months ago during the Devcon4 conference in Prague.