A Google Chrome app that promises to change the color of Facebook accounts instead nabs authentication cookies and generates dozens of blogs registered to the victimsâ€™ Gmail address, Â in a new scam analyzed by Bitdefender Labs.
Once the malicious app is installed from Googleâ€™s Chrome Web Store, it starts displaying a large Google Ads banner redirecting users to a â€œwork from home scam.â€ When clicking the sign-up link, users are redirected to a fraudulent website.
â€œScammers gave a new twist to the old change-your-Facebook-color scheme thatâ€™s been luring users to fraudulent websites to grab credentials and other sensitive data,â€ says Chief Security Strategist Catalin Cosoi. â€œBy creating dozens of blogs for a single account, the scam spreads like wildfire among Facebook friends.â€
Â The blogs generating under the e-mail address of the victims, which are used in further disseminating the scam, have registered a large number of hits among users in the US, the UK, Germany, Spain, Romania, and other countries.
Â The app can also posts wall messages on the victims’ account. The messages use friend tagging to convince the victimâ€™s friends to visit the blog domains. Each time the app posts on a usersâ€™ timeline, it links to one of the auto-generated blogs as to avoid blacklisting.
This article is based on the technical information provided courtesy of Andrei Serbanoiu, Bitdefender Software Analyst.
All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.