FacexWorm Facebook Messenger Malware Attacks Crypto Users

A malicious Google Chrome extension known for its usefulness has been restored back to Chrome to target cryptocurrency exchanges, reported Trend Micro, a cybersecurity company.

The extension, which is referred to as FacexWorm, “was made over” to steal user credentials for Google, MyMonero, and Coinhive; this way, it is promoting a scam that dupes users into sending ether to the attacker’s wallet and drains a computer’s processing power undercover cryptocurrency mining.

According to Trend Micro, FacexWorm will also be able to target cryptocurrency transactions from different cryptocurrency exchanges like Poloniex, HitBTC, Bitfinex, Ethfinex, Binance in addition to Blockchain’s crypto wallet.

“First exposed in August 2017, the malware initially used Facebook Messenger to send malicious links that, when clicked on, provided the attacker with access to users’ Facebook accounts while also infecting their operating systems. FacexWorm resurfaced in early April of this year.”

Trend Micro further stated that it recently learned of one affected bitcoin transaction, but has not yet identified the value of the plunder garnered from the crypto mining.

The organization detailed that Chrome evacuated a large number of the FacexWorm expansions before Trend Micro’s revelation and that Facebook Messenger is additionally equipped for identifying and hindering the guileful connections the malware employments.

The company added that Chrome removed many of the FacexWorm extensions before Trend Micro’s discovery and that Facebook Messenger is also capable of detecting and blocking the insidious links the malware uses.

Chrome made a stop to any form of cryptocurrency mining extensions from its Web Store earlier in April.

Pattern Micro exhorted clients to “think before sharing, be more judicious against spontaneous or suspicious messages and empower more tightly security settings for your online networking accounts.”

Trend Micro advised users to “think before sharing, be more prudent against unsolicited or suspicious messages and enable tighter privacy settings for your social media accounts.”


Time limit is exhausted. Please reload CAPTCHA.