Security Experts at Cheetah Mobile have uncovered a new scam based on a fake Facebook Color Changer App which infected 10000 users worldwide.
Facebook is a privileged target for cyber criminals, in many cases old fraud schema are proposed again by bad actors, it is the case of the bogus Facebook “Color Changer” app.
Researchers at China-based Internet company Cheetah Mobile have discovered a “Facebook colour changer” app in the wild that tricks Facebook users into downloading it via a malicious phishing site. The malicious app has already deceived more than 10,000 mobile users worldwide offering the possibility to customize the layout of the Facebook with different colors.
According to the researchers at Cheetah Mobile, the attackers exploited a “a vulnerability that lives in Facebook’s app page itself, allowing hackers to implant viruses and malicious code into Facebook-based applications that directs users to phishing sites.”
The phishing campaign targets victims worldwide using mobile and desktop devices, below the tactics discovered by researchers:
Attackers try to steal victim’s Facebook Access Token by requesting to watch a tutorial video on how to change color to with the app, with this trick attackers are able to access victim’s Facebook friends.
If the victim doesn’t watch the video, then the malicious website requests victim to download the color changer application which is used to infect their device.
Desktop PC users are lead to a malicious website to download a pornographic video player, meanwhile Android users were displaying a warning message that informed them that their device has been infected and advised to download a specific application to sanitize it.
So be aware of any advertisement or mobile app that promises you to personalize Facebook layout and colors, but if you are one of the victims of this scam uninstall the malicious application as soon as possible and change your Facebook password.
As usual protect your mobile with defense solutions and install applications only from trusted app stores.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.