Researchers at Cybersecurity firm Trend Micro have warned that hackers are using Facebook Messenger to infect computers with “Digmine”, a virus that turns victims’ computers into a cryptocurrency miner without their knowledge.
The malware was first discovered in South Korea and since its discovery, it has paved its way into Thailand, Vietnam, Venezuela, Azerbaijan, Philippines, and Ukraine. If people aren’t cautious, Digmine could soon reach other countries.
What is Digmine?
Digimine only works when it is spread via the desktop version of the app on Google Chrome. If the app is accessed on any another platform, such as a mobile phone, Digmine won’t function. But Trend Micro warns it can still be considered very dangerous as it can let hackers take over users’ Facebook accounts and slow their computer down. Trend Mirco explains:
“Digmine is coded in AutoIt, and sent to would-be victims posing as a video file but is actually an AutoIt executable script. If the user’s Facebook account is set to log in automatically, Digmine will manipulate Facebook Messenger in order to send a link to the file to the account’s friends.
“The abuse of Facebook is limited to propagation for now, but it wouldn’t be implausible for attackers to hijack the Facebook account itself down the line. This functionality’s code is pushed from the command-and-control (C&C) server, which means it can be updated.”
Once installed on the victim’s computer, the Digmine script file downloads more components from the control server. It saves the downloaded components in the %appdata%\ directory.
Once rooted in the system, Digmine will edit the registry, giving itself the auto-start access, and download a malicious extension on Chrome. The malicious browser extension is responsible for propagation via interaction with Chrome, and by extension, Facebook Messenger.
After Trend Micro revealed its findings, Facebook claims to have taken down any links connected to Digmine:
“We maintain a number of automated systems to help stop harmful links and files from appearing on Facebook and in Messenger. If we suspect your computer is infected with malware, we will provide you with a free anti-virus scan from our trusted partners.”
How to Protect Yourself
In order to keep yourself protected from Digmine, follow the best safety practices recommended by security experts. For instance, always log out of your accounts, even if it is your personal computer. Use passwords that have a combination of letter, numbers and symbols.
Make sure these passwords are not dictionary words. Also, use two-factor authentication. Meanwhile, install a link scanning extension on your browser that will warn you of a malicious link.