Threat Intelligence Report: FacexWorm

The invinsec Threat Intelligence Analysts have discovered a new malware exploit that is being seen on the web (researchers first discovered the exploit in August 2017 and immediately after, it was removed from the Chrome Web Store). In April 2018, researchers discovered a repackaged version of the malware with a few tweaks which had the additional capability to steal Facebook, Google and Cryptocurrency credentials amongst others.

Name of Exploit

Type of Exploit
Malware, Social Engineering, Phishing, Credential Hijack

How Exploit is Spread
YouTube videos via Facebook Messenger, Google Chrome Web Store extensions

Global Risk
High – Facebook Messenger is used globally therefore the risk exponentially grows. The malware has appeared in a limited number of locations (Germany, Tunisia, Japan, Taiwan, South Korea and Spain) but it has not been seen in the UK.

Download the full report


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s