Reserved IP Address°C
05-04-2025
BSV
$36.54
Vol 25.18m
-2.21%
BTC
$95413
Vol 14091.69m
-0.85%
BCH
$357.62
Vol 151.46m
-2.92%
LTC
$85.77
Vol 214.09m
-1.74%
DOGE
$0.17
Vol 564.19m
-2.93%
Getting your Trinity Audio player ready...

FacexWorm, a malicious Google Chrome extension, has been targeting cryptocurrency trading platforms via Facebook Messenger, according to a Trend Micro report.

This was not the first time FacexWorm has targeted unsuspecting users. The malware was first uncovered last year in August by Kaspersky labs researcher David Jacoby. At the time, it was unclear how it operated and the purpose for its creation. Eight months later,Trend Micro noticed on April 8 activities that resembled the malware. At the time of discovery, there were already reports of FacexWorm attack in countries like Tunisia, Germany, Spain, Japan, Taiwan, and South Korea.

The new version of FacexWorm works similarly like the old version with few new adjustments. In addition to sending socially engineered links to friends from an affected Facebook Messenger account, it can steal users account and credential details. FacexWorm also causes cryptocurrency fraud, puts malicious cryptocurrency mining codes on a website and redirects users to attackers’ referral link for cryptocurrency related programs. It can also hijack cryptocurrency transactions and steal money from platforms, such as Poloniex, HitBTC, Bitfinex, Ethfinex, and Binance, and wallets like Blockchain.info.

According to the report, users who opened the link were redirected to a fake YouTube page, where they will be asked to install a codec extension—FacexWorm—to play the video. Finally, users will get a request for “privilege to access,” and change data on the opened website. Once granted access,FacexWorm will download malicious codes to help in executing its operations.

The malware has only been able to affect a small group of people, according to the Trend Micro team, which has so far been able to identify one BTC transaction that was affected by FacexWorm. They were, however, not able to determine how many BTC coins have been earned from the malicious malware

Chrome has taken measures to remove and prevent attackers from uploading FacexWorm in their system.Facebook Messenger has also put measures to detect and prevent FacexWorm uploads by attackers. Trend Micro urges users to be careful while sharing information with friends.

Last year, Amazon had a malware attack that was uploaded to their Amazon Web Services servers. The malware executed BTC mining command that allowed mining using the company’s large process power to facilitate the process.

Recommended for you

India debuts ITES-Q report to bolster quantum tech
India marks a major milestone in quantum science with ITES-Q, a paper offering an in-depth analysis of domestic and international...
May 4, 2025
L1 vs L2 scaling: Paul Sztorc joins CoinGeek Weekly Livestream
In this CG Weekly Livestream episode, Sztorc laid out being open to big blocks on the second layer and explained...
May 2, 2025
Advertisement
Advertisement
Advertisement