A new cryptocurrency-mining bot is spreading through Facebook messenger. It seeks to make PCs of users from Vietnam, Ukraine, South Korea, Venezuela, Thailand, the Philippines and Azerbaijan to mine cryptocurrency. Fortunately, the virus affects only browser version of Messenger and all those who use other platforms, first of all Messenger mobile app, should not worry.
The virus mines Monero – an open source cryptocurrency created in 2014 and based on CryptoNote protocol. It is assumed that the cryptocurrency provides high security and anonymity of transactions.
Here’s how it all works: first of all a user receives a message (possibly from a friend) with a zip-file that looks like a video. When installed, that file downloads some components from a special server and sets up an auto start mechanism to open a browser (Chrome) with malicious extensions that conduct mining. Just like true viruses it also starts reproducing itself, so every single friend of an “infected user” may receive a similar message with that zip-video. That’s basically the way computer fraudster make money on using our PCs, as they often do.
However, we can chill out – Facebook has already removed most of virus-related links. Anyway, nowadays we should be careful not to become a victim of both an “ordinary” crime and a cyber one. So, watch out!