A New Facebook Messenger Malware Is Targeting Crypto Users

A malicious Google Chrome extension known for its effectiveness has been revamped to target cryptocurrency exchanges, cybersecurity company Trend Micro reported this week.

Dubbed FacexWorm, Trend Micro said in a blog post that the malicious extension's capabilities «were made over» to steal user credentials for Google, MyMonero, and Coinhive; in sum, it promotes a scam that dupes users into sending ether to the attacker's wallet and drains a computer's processing power to power clandestine cryptocurrency mining.

The extension also has the ability to hijack cryptocurrency transactions on a variety of major exchanges including Poloniex, HitBTC, Bitfinex, Ethfinex, Binance in addition to Blockchain's (previously Blockchain.info) crypto wallet, according to Trend Micro.

First exposed in August 2017, the malware initially used Facebook Messenger to send malicious links that, when clicked on, provided the attacker with access to users' Facebook accounts while also infecting their operating systems. FacexWorm resurfaced in early April of this year.

Trend Micro said it had discovered one affected bitcoin transaction, but it has not identified the value of the plunder garnered from the crypto mining.

The company reported that Chrome removed many of the FacexWorm extensions prior to Trend Micro's discovery and that Facebook Messenger is also capable of detecting and blocking the insidious links the malware uses.

Chrome banned cryptocurrency mining extensions from its Web Store in early April.

Trend Micro advised users to «think before sharing, be more prudent against unsolicited or suspicious messages and enable tighter privacy settings for your social media accounts.»

Everything Ex-CFTC Chair Gary Gensler Said About Cryptos Being Securities

Good afternoon, I am going to talk to you about blockchain technology and its real potential. And I believe it does have a real potential in the world of finance.

It's an innovative way, of course, to verifiably move value or apply code or «dapps» as some people call them on a distributed network, but what's moving value or code on a distributed network, but really finance because it ties to the essential plumbing of the financial sector which at its core moves and allocates money and risk. So, value and code, money and risk.

It seems, in essence, this is the core to the plumbing of the financial sector. To reach its potential though, and for public confidence, blockchain technology has to be compliant with laws.

It doesn't mean the laws have to stay exactly the same, but laws that have been established over many, many decades that customers and investors and to make sure that markets work efficiently, that's called market integrity. So, customer protection, investor protection, market integrity. And to really work I believe blockchain technology needs to come within that public policy framework.

Now this can be done by balancing those protections while at the same time promoting innovation. But as we currently see things, we're not in a pretty good shape right now.

There really is significant non-compliance with respect to the laws, certainly in this country and in many many other countries as well. Many initial coin offerings probably well over a thousand, many crypto exchanges, probably 100 to 200, are basically operating outside of US law.

And when I say outside, that means non-compliance with the laws right now. So, that's a lot of this marketplace right now, now I'm an optimist, I want to see this technology succeed, it is in essence about the plumbing of the financial system and it's a new technology that can really enhance the financial system.

Read further