The invinsec Threat Intelligence Analysts have discovered a new malware exploit that is being seen on the web (researchers first discovered the exploit in August 2017 and immediately after, it was removed from the Chrome Web Store). In April 2018, researchers discovered a repackaged version of the malware with a few tweaks which had the additional capability to steal Facebook, Google and Cryptocurrency credentials amongst others.
Name of Exploit
Type of Exploit
Malware, Social Engineering, Phishing, Credential Hijack
How Exploit is Spread
YouTube videos via Facebook Messenger, Google Chrome Web Store extensions
High – Facebook Messenger is used globally therefore the risk exponentially grows. The malware has appeared in a limited number of locations (Germany, Tunisia, Japan, Taiwan, South Korea and Spain) but it has not been seen in the UK.